Senior Cybersecurity GRC Specialist shaping Orion Pharma's cybersecurity governance, risk management, and compliance. Engaging with teams to enhance security posture and meet regulatory standards.
About the role
- Product Security expert ensuring secure software development at NETGEAR. Championing security practices and monitoring vulnerabilities while collaborating with development teams.
Responsibilities
- Serve as the product security subject-matter expert closely collaborating with other NETGEAR product development teams to identify, assess, root-cause, address, validate, and prevent product security issues.
- Be the champion for secure and defensive programming techniques and use of automation to eliminate and prevent security problems.
- Keep up to date with latest advancements in the field and continually elevate the secure software development practices at NETGEAR.
- Use the latest and greatest bug hunting technologies to find security vulnerabilities at scale. Monitor the latest security trends, vulnerabilities, and threat intelligence, and assess their relevance to NETGEAR products.
Requirements
- 10+ years of relevant work experience in application security, hardware, IoT security, security pen-testing, vulnerability discovery, secure software development, and design security reviews.
- Proven track record of implementing and scaling security tooling such as pre-commit hooks with static code analysis (SAST) and dependency security (OSS/SCA), and fine tuning them for the best developer experience.
- Experience with using techniques like fuzzing, reverse engineering, writing SAST rules, semgrep, CodeQL,
- Excellent knowledge of common security weaknesses (like OWASP top-n lists) and best ways to address them.
- Understanding of network security technologies and vulnerabilities, especially in the networking device space.
- Strong analytical and problem-solving skills, the ability to work both independently and collaboratively with diverse stakeholders
- Excellent written and verbal communication skills in English.
- BE or master’s degree in computer science, computer security, application security, information security, or networking.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
System Architect driving secure cloud - native applications using cutting - edge technologies for Product Security at Nokia. Leading AI - driven design and architecture with collaboration across global teams.
Cyber Security Engineer protecting data from threats in a fintech startup. Collaborating with the Information Security Team and implementing security controls for technical projects.
Junior Security Incident Responder in an innovative IT service company protecting clients against cyber threats. Collaborating with teams to enhance IT security and respond to incidents.
Security Incident Responder managing IT security incidents in the Security Operations Center, analyzing threats and coordinating responses effectively for clients' safety.
Senior Security Engineer developing and enhancing security infrastructure for Bank Frick, a pioneer in blockchain banking. Responsible for managing security processes and collaborating with IT teams.
Werkstudent Cyber Security bei Wavestone, Unterstützung im IT - Consulting und Entwicklung im Bereich Cyber - Sicherheit. Analyse von Trends und aktive Teilnahme an Teamaktivitäten.
Project Manager for Security Technology managing complex security projects in MENA region. Involving internal teams and external integrators ensuring project success and client satisfaction.
Cyber Security Manager at British American Tobacco strengthening cyber resilience across Western Europe. Responsible for managing security initiatives and collaborating with regional teams.
Stagiaire responsable de l’accompagnement à la mise en place d’un système SSE pour un bureau d’études en ingénierie. Impliqué dans la structuration, suivi et déploiement de systèmes SSE.