Job Search

Ми допоможемо тобі побудувати вражаючу кар’єру

703 + відкриті позиції в усьому світі

703 + відкриті позиції в усьому світі

Senior Product Security Engineer IRC198209

Job: IRC198209
Location: Poland - Krakow
Designation: Senior Software Engineer
Experience: 3-5 years
Function: Engineering
Skills: C#, Docker, Kubernetes, Linux, Windows
Work Model: Remote

Description:

In Grid Integration Services we are at the forefront of the digital revolution: through digital services, we enable our customers to increase the reliability of their assets and systems while optimizing costs. For our growing R&D team, we are looking for a hands-on product security engineer who ensures that our SW solutions fulfill the highest standards of cyber security, integrate with the software ecosystem of our company, and can be taken over by the software operations team. Are you a result-oriented team player who fosters a positive work culture? Are you ready to drive digitalization and innovation for rapidly changing power grids? Are you willing to continuously drive improvement and occasionally get your hands dirty? Then do not hesitate and submit your application today!

Requirements:

  • Bachelor’s degree in computer science, information technology, or similar
  • Knowledge of system administration, networks, infrastructure (switches, routers, firewalls), configuration, troubleshooting, and root cause analysis
  • Strong understanding of cyber security standards, guidelines, and best practices for building highly resilient hardened software systems (e.g., NIST, CIS, and OWASP)
  • Experience in agile software development processes and security development lifecycle processes
  • At least 2 years of experience in software development
  • Experience in system security, product / application security architecture, network security, and web services
  • Experience in implementation, configuration, operation, maintenance, and troubleshooting of security controls such as L3 and L7 firewalls
  • Experience with static code analysis, dynamic code analysis, open-source software scanning, software composition analysis
  • Fluency in written and spoken as well as technical writing English
  • Ability to work independently with a sense of ownership and responsibility
  • Communication and interpersonal skills and intercultural sensitivity
  • Experience with industrial data transfer protocols such as OPC, IEC 61850, OCPP, MQTT, and similar is an advantage
  • Preferably experience in
     Linux, Windows, and mobile environments
     Docker and Kubernetes
     C#, .Net Framework, .Net (Core)
     Microservices and containerized applications
     Azure cloud environment
  • Need to be ready for a business trip

Responsibilities:

  • Act as an individual contributor in RD team and lead the product security efforts
  • Own, enforce, and continuously improve the security development lifecycle process according to IEC 62443-4-1 standard
  • Prepare security requirements documents as part of product requirements engineering and customer solution development phases
  • Prepare security architecture and design documents in response to requirements specifications, develop associated user stories, and drive them through the product development lifecycle
  • Conduct and document threat modeling and attack surface analysis for product releases
  • Conduct code reviews to ensure compliance to the security development lifecycle as well as security architecture and design
  • Ensure products are meeting Hitachi Energy’s minimum cyber security requirements or if customer-specific or respective standards such as IEC 62443-3-3 or IEC 62443-4-2
  • Develop, implement, and configure security controls and solutions (e.g., L3 and L7 firewalls) concluded with respective quality assurance and user acceptance testing activities
  • Conduct security risk assessments and drive the product releases through Hitachi Energy cyber security clearance process and respective tests in close collaboration with Hitachi Energy product security officers and security assurance teams
  • Analyze the developed code, prepare bug reports, conduct root cause analysis, suggest fixes, implement and / or ensure implementation of the identified solution, subsequent verification and validation steps
  • Deploy and operate security solutions for internal / external customer projects in on-premise and / or off-
    premise models
  • Act as L3/L4 support team member for security incident (e.g. vulnerabilities) management process
    Engage with internal / external software development vendors

#LI-Remote #LI-NT1


What We Offer

Empowering Projects: With 500+ clients spanning diverse industries and domains, we provide an exciting opportunity to contribute to groundbreaking projects that leverage cutting-edge technologies. As a team, we engineer digital products that positively impact people’s lives.

Empowering Growth: We foster a culture of continuous learning and professional development. Our dedication is to provide timely and comprehensive assistance for every consultant through our dedicated Learning & Development team, ensuring their continuous growth and success.

DE&I Matters: At GlobalLogic, we deeply value and embrace diversity. We are dedicated to providing equal opportunities for all individuals, fostering an inclusive and empowering work environment.

Career Development: Our corporate culture places a strong emphasis on career development, offering abundant opportunities for growth. Regular interactions with our teams ensure their engagement, motivation, and recognition. We empower our team members to pursue their career goals with confidence and enthusiasm.

Comprehensive Benefits: In addition to equitable compensation, we provide a comprehensive benefits package that prioritizes the overall well-being of our consultants. We genuinely care about their health and strive to create a positive work environment.

Flexible Opportunities: At GlobalLogic, we prioritize work-life balance by offering flexible opportunities tailored to your lifestyle. Explore relocation and rotation options for diverse cultural and professional experiences in different countries with our company.

About GlobalLogic

GlobalLogic is a leader in digital engineering. We help brands across the globe design and build innovative products, platforms, and digital experiences for the modern world. By integrating experience design, complex engineering, and data expertise—we help our clients imagine what’s possible, and accelerate their transition into tomorrow’s digital businesses. Headquartered in Silicon Valley, GlobalLogic operates design studios and engineering centers around the world, extending our deep expertise to customers in the automotive, communications, financial services, healthcare and life sciences, manufacturing, media and entertainment, semiconductor, and technology industries. GlobalLogic is a Hitachi Group Company operating under Hitachi, Ltd. (TSE: 6501) which contributes to a sustainable society with a higher quality of life by driving innovation through data and technology as the Social Innovation Business.

Apply Now

Attach your file here or browse
Only .docx, .rtf, .pdf formats allowed to a max size of 5 MB.

  • URL copied!