Wooodward Poland Sp. z o. o.
ul. Skarbowa 32
32-005 Niepołomice
The Product Cyber Security (CS) Engineer will be responsible for coordinating and performing product cyber security functions within Woodward business unit(s) as described in Secure Development Lifecycle (SDLC). This member supports the implementation and adoption of cyber security standard work processes (including, but not limited to, risk assessment, awareness/training, incident response, and strategic initiatives.) In addition, this member will advise developers, test engineers, and supply chain resources on all business unit related with product cyber security issues.
Join our Turbine Systems Team as a Product Cyber Security Engineer
Product Cyber Security Engineer
Nr Ref.: 2100357
DUTIES:
- Oversee a program implementation of Woodward SDLC (Secure Development Lifecycle), based on IEC 62443-4-1 practices, with the goal of Security Development Lifecycle Accreditation (SDLA) through ISASecure or TUV
- Assist product teams with successful IEC 62443 process and device certification
- Security Requirements management: generation of deliverable reports, security reviews for both hardware and software requirements, coordination between safety and security for requirements and processes
- Assist with the development of department processes, methods and checklists
- Manage product Cyber Security incident response:
- Intake of vulnerability reports from vendors, customer, or security researchers
- Analyze impact and assess risk of vulnerabilities
- Provide actionable information to management regarding risk, exploitability, and priority
- Coordinate with corporate level groups on Woodward cybersecurity initiatives
- Apply networking knowledge and skills to Cyber Security threats and incidents
- Provide work effort estimates, assist in project planning efforts including project task definition
- Execute the standard work relative to Product Cyber Security processes. Lead efforts in improving standard work
- Provide Product Cyber Security knowledge into proposals and risk assessments
- Responsible for suggesting and supporting new cyber tools usage
- Assist with training WWD members on national, regional, and international regulations/standards
- Responsible for keeping abreast of new and changing regulations and best practices pertaining to Product Cyber Security
- Strong knowledge of software development and analysis tools including editors, compilers, linkers, debuggers, code analyzers, version control systems, software testing tools, etc.
QUALIFICATIONS:
- Bachelor /Master degree in engineering field
- Solid knowledge of cyber security concepts such as CWE/SANS Top 25, secure design patterns in embedded systems, Purdue model, zones and conduits
- Solid knowledge of Public Key Infrastructure (PKI) concepts
- Solid knowledge of NIST 800-53 security controls; NIST Cyber Security Framework
- Solid knowledge of IEC 62443, ISA Secure, UL 2900, ABS, DNV-GL, DO-326A, NERC-CIP, ENISA, NIST SP 800
- Solid knowledge of industry standards groups and roles in the Cyber Security space
- Able to generate proposed cyber solutions
- Solid problem solving & troubleshooting skills and analytical calculation skills
- Knowledge of IEC 61508 would be a benefit
- Strong leadership skills
WE OFFER:
- Stable employment within a growing and dynamic team
- Advancement opportunities in international team
- Competitive base pay
- A total rewards package, that includes: private health insurance, life & accidental insurance, foreign languages courses, Multisport package
- Company performance bonus program
- Work-life balance, semi-flexible working time
- Employee – friendly renumeration structrure based on creative works (available for selected positions)
- PPK: Woodward offers payment to your PPK account up to 4% of your compensation depending on seniority
- Relocation support