Website: huntingcube.ai
Job details:
Job Description
Key Responsibilities
- Product Security & SDL Leadership
  - Act as a Subject Matter Expert (SME) for product cybersecurity across the development lifecycle
  - Drive Secure Development Lifecycle (SDL) implementation aligned with IEC 62443-4-1
  - Lead activities such as:
    - Threat modeling
    - Secure architecture and design
    - Secure coding practices
    - Security testing and validation
  - Guide development teams on risk-based security decisions
- Security Governance & Compliance
  - Ensure compliance with IEC 62443 standards (4-1, 4-2, 3-3)
  - Support cybersecurity audits, assessments, and regulatory requirements
  - Advise on data protection, privacy, and security for connected and cloud-based products
- Technical Advisory & Risk Management
  - Provide expertise in:
    - Threat modeling (e.g., STRIDE)
    - Risk analysis and CVSS scoring
    - Vulnerability management and remediation
  - Support secure development environments through:
    - Secure coding practices
    - Static code analysis
    - Software Composition Analysis (SCA)
    - Software Bill of Materials (SBOM)
  - Promote DevSecOps practices and secure CI/CD pipelines
- Metrics, Maturity & Continuous Improvement
  - Define and track cybersecurity and SDL metrics
  - Monitor organizational maturity using cybersecurity frameworks
  - Report risk posture and security KPIs to leadership
Required Skills
- Product Security
- Security Advisor
Additional Information
Key Skills & Competencies
- Strong expertise in Product Security and Cloud Security
- Good understanding of OT/IoT systems, protocols, and architectures
- Hands-on experience with Secure Development Lifecycle practices
- Strong knowledge of:
  - IEC 62443 standards
  - NIST frameworks
  - Data protection and privacy
  - Cybersecurity maturity models
Experience & Qualifications
- 12–15 years of experience in engineering or product organizations
- Minimum 8+ years in Product Security or Cloud Security
- At least 5+ years of hands-on experience with IEC 62443-based security practices
- Experience with IEC 62443 certification (4-2 and 3-3) is preferred
- Certifications like CISSP, CISM, or cloud security certifications are a plus