Product Cybersecurity Verification &amp Validation Engineer

Professional Galaxy is an IT and technology consulting company that provides highly specialized expertise in IT software development SAP purchasing electronics and mechanical design. We collaborate with experienced senior experts and deliver strategic value-creating expertise to some of Swedens most complex and analytically demanding projects. Our focus is always on high quality professionalism and clear measurable results.

Are you the right person for the assignment or do you want to recommend a strong candidate Do not hesitate to contact us.

Feel free to apply today selection and interviews take place on an ongoing basis.

Professional Galaxy is looking for a Product Cybersecurity Verification & Validation Engineer on behalf of our client.

Job summary
Within our clients cybersecurity organization the Product Security Assurance Center (PSAC) is establishing an internal capability for Product Cybersecurity Verification & Validation in accordance with IEC 62443 standards. Operating from Västerås the center provides centralized security testing and compliance validation for our clients entire global product portfolio. Join us on this journey to build this critical security function.

Your responsibilities:
We seek a skilled Product Cybersecurity Verification & Validation Engineer to execute comprehensive product security assurance testing across our portfolio per IEC 62443 standards. You will perform vulnerability testing penetration testing protocol stack robustness assessment and compliance validation while establishing our independent PSAC capability.

This position requires regular on-site presence in Västerås for hands-on security testing in the PSAC laboratory with remote work flexibility for documentation analysis and research activities. Applicants must be flexible to commute to Västerås.

You will be mainly accountable for:
Manage full lifecycle of PSAC testing requests reviewing submitted products for security testing readiness regulations and IEC 62443 compliance validation.

Execute comprehensive security test suites including network security testing vulnerability scanning web/mobile/embedded/API security testing SAST/DAST analysis penetration testing and industrial protocol testing.

Conduct vulnerability analysis and in-depth assessment of security findings generating comprehensive PSAC reports with actionable recommendations for development teams.

Research and evaluate security requirement testing methodologies for cloud platforms APIs and emerging technologies; create new test methodologies to address evolving threats. Prepare for potential security requirement testing and threat mitigation testing

Perform hands-on security testing of robotics products in the PSAC laboratory using specialized equipment for network analysis and embedded systems validation.

Qualifications for the role:
-Bachelors or Masters in Cybersecurity Computer Engineering or related field.
-5 years of hands-on experience in security testing penetration testing or vulnerability testing preferably in industrial automation robotics or embedded systems.
-In-depth knowledge of TCP/IP networking application protocols and industrial control communication protocols.

Proficiency with security testing tools: vulnerability scanners web/mobile/API/Embedded testing tools penetration testing frameworks network analysis and SAST/DAST tools.

- Strong understanding of OWASP Top 10 SANS 25 vulnerabilities
- Experience with embedded systems security and IoT/OT security.
- Knowledge of industrial protocols (EtherNet/IP PROFINET OPC UA) and cryptographic protocols (SSL/TLS).
- Programming/scripting proficiency for test automation.
- Excellent technical writing skills and ability to work independently and collaboratively.
- Verbal and written fluency in English

Additional Merits:
- Professional certifications
- Knowledge of IEC 62443 standard

Demonstrated curiosity and passion for learning emerging security technologies and attack techniques.
Experience with hardware exploitation side-channel analysis or IoT security.

Other Information :

Assignment Duration :till Open

Assignment duration: 1 year

Application Deadline :

Please apply directly through our system with:

- Your updated CV

- Availability to start the assignment

In the motivation describe why you are suitable for this assignment - refer to previous consulting assignments employment education and personal qualities.

Please note: We do not accept any applications through mail. All applications have to be sent through the portal to be valid.