Product Security Engineer (Hybrid)
Location: Limerick - Must be onsite 2/3 days per week.
-----------------------------------
About the role:
As the Product Security Engineer, you will be responsible for implementing security requirements and secure coding standards, such as NIST SP 800-53, OWASP, and MS Secure Coding Standards.
-----------------------------------
Key responsibilities:
* Evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans, and static and dynamic code analysis tools.
* Define security requirements for new product development and support teams in remediating vulnerabilities with existing products.
* Lead efforts in enhancing, demonstrating, and creating alignment with the extended team, suppliers/partners, and with the larger organization of resources and experts.
-----------------------------------
Day-to-day activities:
* Support teams in reducing product risk by finding practical solutions to increase security in new and existing products.
* Work in a team supporting R&D in implementing secure software solutions by ensuring architecture is in accordance with industry-accepted standards for medical device security, including encryption, disaster recovery, authentication, audit logging, hardening measures, patch management, and vulnerability monitoring.
* Assist in product security risk assessments and provide vulnerability remediation guidance to product development software engineers both on and off-site.
-----------------------------------
Requirements:
* BS degree in Computer Science, Computer Engineering, Electrical Engineering, or other related engineering field.
* Minimum of 3 years of experience in areas such as IT-Security, secure software development and design, and risk management.
* Working experience with various encryption algorithms and PKI solutions.
* Understanding of security issues and solutions for embedded devices.
* Good understanding of networking and related security aspects and common attacks.
* Demonstrated understanding of developing in a regulated environment and adhering to a quality management system.
-----------------------------------
Desirable skills:
* Experience with dynamic and static code analysis tools.
* Knowledge of completing a track, trace and plan using a Security Requirements Traceability Matrix (SRTM) or similar tool.
* Understanding of vulnerability scans and static code analysis results.
* Understanding of proper secure coding practices to drive standards within the software engineering organization.
* Recognized security certifications are a plus (CISSP, CASP+, CSSLP, etc.).
-----------------------------------
Candidates should hold appropriate RTWs for Ireland, i.e. Stamp 1G, Stamp 4, Irish/British/EU passport.
-----------------------------------
eir evo talent is an equal opportunity employer who seeks to recruit and appoint the best available person for a job regardless of marital/civil partnership status, sex (including pregnancy), age, religion, belief, race, nationality, and ethnic or national origin, colour, sexual orientation, or disability.
eir evo talent applies all relevant Data Protection laws when processing your Personal Data.