确保产品在研发测试工程中,产品网络安全性
要求:英文流利,有项目管理经Sr. Product Security Architect, Shanghai, ACS, ACS
The people in this position shall be based in China, will lead Secure Software Development Lifecycle Activities for China, which include: defining cyber secure design standards; leading cyber threat modeling and assessments; defining security solutions, leading cyber threat assessments and engineering activities on the security of computer and embedded systems, including computers, computer networks, communications devices, control systems, and communications networks, with an emphasis on the security of physical security systems.
The people in this position is the primary focal point for all cyber security matters related to the products of ACS in addition to product security compliance and external security certifications.
Required:
? Bachelor\'s degree in Computer Science, Electrical Engineering or similar discipline with an emphasis on electronic system security or cyber security
? 6-8 years’ experience in cybersecurity or software development
? Technical leadership experience in the software or cybersecurity field
? Excellent communications skills
? Familiarity with both PC/server based software and embedded software in the automation and control systems domain
? Familiarity with software development lifecycle
? Familiarity with unmanaged and managed programming languages
? Fluent spoken English
Preferred:
? Master\'s degree in Computer Science, Electrical Engineering or similar discipline with an emphasis on electronic system security
? CISSP, CSSLP or CEH certification
Desirable Skills and Experience
? Experience with security standards for industrial control systems such as ISA/IEC-62443
? Knowledge and experience with key management using Trusted Platform Modules and Secure Elements
? Knowledge and experience with cryptographic algorithms including DES, RSA, ECC, AES and so on
? Knowledge and practice utilizing role-based access control and PKI certificates to authenticate end points, system processes, and users
? Experience and knowledge of penetration testing methodologies and tools such as OSSTMM and Metasploit
? Up to date knowledge of exploit techniques and hacker methodologies
? Understanding of multiple development processes and practices such as RUP, Agile/SCRUM, etc.
? Research and development experience in cyber security
? Experience in system penetration testing |
