Siemens Healthcare
Location
Bangalore | India
Job description
- Developing products and services for customers
- Security architecture and design
- Threat and risk analysis / threat modeling / security risk analysis
- Security vulnerability monitoring / 3rd party software security evaluation
- Security incident handling / security forensic analysis
- Automated security tooling / vulnerability scanning / code analysis
- Fuzz testing / penetration testing
- Secure coding and design guidelines / secure software development lifecycle processes
- HIPAA / HITECH regulations / FDA cybersecurity regulations for medical devices
- Standards: IEC 62443, NIST SP 800-x, IEC 80001, CLSI AUTO11-Ax, ISO 27001 etc
-Certified Information Systems Security Professional (CISSP) or Certified Secure Software Life
cycle Professional (CSSLP) or equivalent demonstrated expertise is beneficial.
Areas of Responsbility:
-Support project teams in conducting the corresponding security activities during the
development process, project management process and services and in product and
solution release.
-Participate in incident response teams, incident escalation
-Participate in threat and risk analysis workshops
-Provide expertise and support in security tools to product teams
-Conduct product and solution security training and development of training material.
-Develop and maintain security guidelines and guidance for product development teams.
-Collect product solution security related lessons learned and feed into continuous
improvement activities (e.g. update of guidelines, reporting to PSSOs, integration in
awareness material).
-Stay up-to-date on the latest security threats/technologies.
-Support the development of the PSS community within the organization, with
experience exchange internally and externally.
support multiple projects at the same time and should occupy the function
for the main part of defined working time.
Contacts
(internal/external):
-Internal: CYSO, CYSEs within other business units, Product Owner, Project Manager,
-Development and Test team, Architect, Quality and Risk Management, Business
Management.
-External: Security Community, External companies (collaboration, standardization),
Customers security representatives
Job tags
Salary
