Product & Solution Security Expert
Frimley (Surrey) Design / Civil engineering / Industrial engineering
Job description
As trusted advisor and reliable partner, as a system integrator, service provider and a product vendor, Siemens Building Technologies offers energy-efficient, safe and secure buildings and infrastructure. With our people, experience and technical expertise, it's our passion to help you to create the perfect place – your perfect place.
As the Product & Solution Security Expert (PSSE) you will be responsible for ensuring a high level of Security in Building Technologies solutions and services within Northern Europe. The Product & Solution Security (PSS) Initiative actively drives security for Siemens products, solutions and services. It identifies and implements best practices and derives company-wide technical standards, processes & policies.
This will require you to support sales, project managers, solution designers (in development, engineering or service) to implement the required product & solution security (software & hardware) in customer projects.
The Challenge
Key to your role will be to securely build and structure complex customer project solutions based on components and solution elements from Siemens or 3rd party production.
Define Regulations & Support implementation:
· Support the project leader to build up required competencies for product & solution security within the project team.
· Coaching of the project teams during product & solution development.
· Specification and maintenance of secure coding, secure design guidelines.
· Specification and maintenance of configuration and hardening guidelines.
· Synchronize adequately with Information Security organization to ensure that the development, manufacturing and integration IT infrastructure is sufficiently secure.
· Review of documents produced during the development and engineering process .
Guide Technological Aspects:
· Specification and maintenance of security requirements for the projects.
· Planning and performing threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of organization.
· Evaluate of third party components regarding product & solution security.
· Clearance of implementation and documentation of security critical components.
· Verification of implementation regarding security requirements.
Specific responsibilities such as:
· Validation (e.g. Friendly hacking, penetration testing) to ensure that implementation fulfills security expectations of customers as well as providing recommendations and creating security testing tools.
· Involvement in the analysis and handling of security vulnerabilities & incidents.
Support Communication:
· Exchange experiences with internal and external product & solution security community and monitor standards and trends.
· Contact person for product management, supply management for security topics. Support for communication with customer.
· Represent customer project towards customer security representatives, align with customer's security and risk strategy.
Measure & Report:
· Participate in release of products & solutions from product & solution security standpoint.
· Collection of product & solution security related lessons learned and feed into in continuous improvement activities.
***A full comprehensive job description is available***
The Product & Solution Security Expert (PSSE)
As the PSSE your strong IT skills and specialisation in at least one of the following areas: Secure Architecture & Design, Secure Implementation, Secure Project Integration, or Secure Services, will be key to the success of this role.
You will be an expert in other areas too such as:
· Security of data, information and functionality in customer solution projects
· Professional incident and vulnerability handling in all lifecycle phases of portfolio
· Understanding threats and implements corresponding counter-measures to prevent loss of confident ability, integrity and/or availability in our customers facilities
· Implementing technologies to secure IT systems against attacks
· Communicating effectively to ensure a mutual understanding of topics
· Identifying and resolving conflicts applying dedicated methods
You will also have experience of:
· Applying methods and tools to ensure quality of work products
· Ensuring manufacturability and testability of products, design and improve production processes
· Eliciting, elaborating and managing (non-) functional requirements
· Create architecture & realization concepts for technical systems
· Plan and execute service for software products and solutions
· Define, develop and test systems with divers components
· Ensure security of data, information and functionality during implementation
About us
We’re Siemens. A collection of over 348,000 great minds who are all making the future and you could be one of them. We have offices across the UK, full of talented individual’s helping us to challenge the today and work towards a brighter tomorrow.
Want to join us and be a Future Maker?
We’re excited to hear that you would like to join us here at Siemens. Our people love it here and we want you to be a part of helping us make real, what matters.
We are looking forward to receiving your online application. Please ensure you complete all areas ,of the application form, to the best of your ability to help us review your suitability for the role. We will be in contact as soon as possible with an update on your application.
What else do I need to know?
The benefits package for this role includes not only a generous base salary, but an annual bonus. We know that not everyone’s lifestyle is the same, so we operate a flexible benefits scheme where you can tailor your benefits package to suit you.
If we all thought the same, we would never think of anything new. That’s why we recruit great minds from all walks of life. We embrace diversity and create what’s right for the world by employing the people who live in it.