Job Description
Veritaz is a leading IT staffing solutions provider in Sweden, committed to advancing individual careers and aiding employers in securing the perfect talent fit.
With a proven track record of successful partnerships with top companies, we have rapidly grown our presence in the USA, Europe, and Sweden as a dependable and trusted resource within the IT industry.
Assignment Description:
We are looking for a Senior Product Software Security Specialist to join our dynamic team.
What you will work on:
- Ensure compliance with industrial security standards and regulations by performing assessments against IEC 62443-4-1, IEC 62443-4-2, CRA, and RED. Support R&D teams in achieving security compliance with relevant standards and legislation.
- Conduct threat modeling and risk assessments specific to industrial software, focusing on attack vectors such as remote access, third-party software, and network protocols. Develop and improve processes and templates for threat modeling and risk assessment.
- Address customer security questionnaires related to industrial products and translate customer requirements into actionable product security specifications.
- Integrate security best practices throughout the Secure Software Development Lifecycle (SDLC) for industrial systems, ensuring that security is embedded in every stage from design to deployment and ongoing maintenance.
- Support the integration of security testing tools into test and development environments, including CI/CD pipelines.
What you bring:
- 3+ years of experience in software or product security, preferably in industrial or OT environments.
- Proven experience in assessing and securing software for industrial control systems (ICS), SCADA systems, or embedded software.
- Strong understanding of software/product security principles and proficiency in securing industrial software systems.
- Expertise in threat modeling, risk assessment, and implementing security controls.
- Familiarity with cybersecurity standards such as IEC 62443.
- Proficiency in programming languages relevant to industrial systems (e.g., C/C++, Python, Java) and secure coding practices.
- Excellent communication skills for effective collaboration with cross-functional teams, including product managers, marketing, and developers.
- Optional certifications such as ISA/IEC 62443 Cybersecurity Certification or Certified Secure Software Lifecycle Professional (CSSLP).
- Proficiency in English for both written and verbal communication.