Cyber Security Engineer
Our client is a leading developer of water technology that is used globally. They are looking to hire a Cyber Security Engineer to be responsible for the implementation and execution of security programs and practices. This position will work across software and firmware development teams to identify component and system level technical risks and evaluate critical failure points, determine technical security controls to mitigate risks, and work with cross functional teams to implement features according to product road maps. You will lead security standards implementation, penetration testing and PSIRT programs of for our entire product portfolio. Your passion for security and in-depth knowledge of Product Security will ensure that you deliver high impact results.
This role can be based remotely anywhere in the UK or Europe. There will be an expectation for occasional travel to their Stockholm office but the role will be a remote position outside of this.
Duties & Responsibilities
- Work with the business, devops and systems teams to identify the right architecture for implementing new solutions, products and modules. Develop, implement and maintain product security strategy for the entire product portfolio covering IoT and, Smart-device suites
- Conduct complete lifecycle security architecture and technical assessments for a wide range of products, including embedded devices, enterprise software solutions, and mobile apps
- Engage in application and domain-specific threat modeling and attack surface analysis and reduction
- Provide guidance and leadership on best practices regarding security in software and firmware development
- Contribute to the development and evolution of the application and infrastructure security reference architecture. Develop, implement and maintain the security architecture for product portfolio
- Champion the security SDLC. This includes security testing, penetration testing, and identifying and fixing vulnerabilities in software and applications on all products.
- Implement or manage the implementation of common application security controls
- Assist other developers in remediating vulnerability findings by providing line-by-line guidance.
- Provide training and education to developers on software security best practices.
- Expert level operational support for security escalations from customers
- BS in Computer Science or equivalent with 5-years of experience
- Demonstrated expertise in product/application security architecture, Network security, application security, web services
- Experience with SAST, DAST, SCA and penetration testing tools
- Experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 IoT Top 10 and CWE Top 25
- Meaningful experience in multiple programming languages
- Solid knowledge of the browser security model, crypto, and network security. Attacker mindset: Real passion for breaking all the things unbreakable.
- Knowledge of secure infrastructure architectures, application architectures, encryption, Cloud Security and broader security technologies.
- Strong operating systems knowledge Windows (all flavors), Debian Linux
- IoT network technologies (such as Bluetooth/BLE, WLAN, Z-Wave, Zigbee, identity/auth security)
- Experience with wireless technologies such as CDMA, E-HRPD, GSM, UMTS, TDS-CDMA, LTE-FDD / LTE-TDD, and 5Gexperience with Android RIL, Telephony, C and Embedded RTOS.
- Scripting knowledge Linux scripting (bash), Windows scripting, Python or Perl
- Strong English communication skills, including written and spoken, is required.
The recruiter has stated that all applicants for this job should be able to prove they are legally entitled to work in the UK. Carbon60 is a trading name of Carbon60 Limited an Employment Business/Agency.
your application has been submitted
Back to job search