This role resides within Dematic's product security organization, responsible for the security of software and operational technology (OT) solutions used within automated warehouse environments. Dematic is an OEM and Systems Integrator of automated supply chain innovations such as conveyance, robotic mixed-case palletizing, micro-fulfillment centers, autonomous mobile robots, and high-density buffer storage overhead systems.
Reporting to the Senior Manager of OT Security, the Product Security Program Administrator will be responsible for the administration of the Product Cybersecurity Design Program (PCDP). Aligned with IEC, the PCDP is Dematic's formal process to address product lifecycle security.
The incumbent will consult disparate product teams on the required processes, activities, and deliverables relating to the PCDP. The incumbent will align with the process excellence and quality teams to ensure maintenance of the PCDP and regulatory compliance of Dematic products. The incumbent will guide a growing team of risk analysts and security engineers to fulfill day-to-day task work. The incumbent will embed with matrixed technical teams to research, audit, and produce specifications (i.e. context of use, threat model, risk assessment) resulting in regulatory compliance and risk-informed controls engineering. The incumbent will leverage existing processes & standards and will create / update / publish information to supplement and grow the PCDP. The incumbent may assist in research and response to contract proposal or RFQ requests.
The scope of this role is component & system-wide security for Dematic products & solutions as applied to warehouse automation equipment, machine controls, software, and networks. The incumbent will provide varying levels of process & technical consultancy to product management, product engineers, and 3rd party vendors to ensure programmatic & technical security requirements for Dematic's sophisticated industrial automation control products are satisfied. If you are passionate about risk-informed engineering, compliance with emerging security regulations, and creating the future in a breakthrough segment of OT cybersecurity, this role is for you!
Tasks and Qualifications:
What You Will Do in This Role:
- Administrate the Product Cybersecurity Design Program (PCDP).
- Consult disparate product teams on the required processes, activities, and deliverables relating to the PCDP.
- Execute the risk assessment and design review responsibilities defined within the PCDP tollgates.
- Champion the risk management framework within the PCDP resulting in secure-by-design products and reusable internal standards.
- Align with product teams to conduct context of use, threat modeling, and initial risk assessment within Dematic's existing product catalog.
- Align with the quality and process excellence teams to drive regulatory security compliance of products.
- Maintain regular alignment and information sharing with enterprise IT, CTO, R&D, and other functions.
- Work closely with technical engineering teams to validate / supplement audit findings, derive appropriate technical controls, and produce required security documentation.
- Apply risk-based methodology to justify risk mitigation or acceptance.
- Specify controls based on risk-informed decision-making, accounting for finite resources and business priorities.
- Contribute & participate in regular scrums, technical design reviews, and regulatory security activities.
- Balance Dematic's role as OEM and System Integrator against responsibilities and reasonable expectations of the Asset Owner within the risk management framework to achieve stewardship of finite resources.
- Convert product & system deliverables into Standards and publish within the PCDP for future reuse.
What We Are Looking For:
- BS/MS in an engineering or computer science field, or 5 years of industrial automation, networking, electrical engineering, or cybersecurity auditing experience, including technical knowledge of various security frameworks, standards, applications, and applied approaches.
- Process-oriented expertise in risk-informed cybersecurity engineering based on best practice and industry standards (i.e. IEC 62443) to produce secure-by-design products and fulfill emerging regulatory requirements.
- Experience in security or risk management relating to industrial automation control systems.
- General knowledge of hardware, embedded devices, firmware, IT hosted software development, and operating systems is required.
- Possession of excellent verbal and written communication skills within an organizational setting is strongly required.
- Keen ability to be a self-starter, execute with minimum supervision, and thrive in a breakthrough segment of OT cybersecurity.
- CISSP, CRISC, GICSP, Security+, Network+, or similar certifications.
Location & Authorization: This is a hybrid role requiring proximity to one of our U.S. offices (Grand Rapids, MI; Plano, TX; Salt Lake City, UT; or Milwaukee, WI). Applicants must be authorized to work in the U.S. without the need for current or future sponsorship.