Product Cyber Security Engineer

Niepolomice, PL

Woodward

Woodward is an independent designer, manufacturer, and service provider of control solutions for the aerospace and industrial markets. Explore our wide range of solution and product offerings.

View all jobs at Woodward

Apply now Apply later

The Product Cyber Security (CS) Engineer will be responsible for coordinating and performing product cyber security functions within Woodward business unit(s) as described in Secure Development Lifecycle (SDLC). This member supports the implementation and adoption of cyber security standard work processes (including, but not limited to, risk assessment, awareness/training, incident response, and strategic initiatives). In addition, this member will advise developers, test engineers, and supply chain resources on all business unit related with product cyber security issues.

WHAT YOU WILL BE DOING:

  • Oversee a program implementation of Woodward SDLC (Secure Development Lifecycle), based on ISA/IEC 62443-4-1 practices, with the goal of Security Development Lifecycle Accreditation (SDLA) through accredited certification body;
  • Assist product teams with successful ISA/IEC 62443 process and device certification.
  • Run internal pre-certification audits;
  • Security Requirements management: define common set of system requirements derived from multiple security standards, generation of deliverable reports, security reviews for both hardware and software requirements, coordination between safety and security for requirements and processes;
  • Assist with the development of department processes, methods, and checklists;
  • Develop and maintain threat models for Woodward projects;
  • Manage product Cyber Security incident response;
  • Point of Contact for customer inquiries about product cybers security features;
  • Coordinate with corporate level groups on Woodward cybersecurity initiatives;
  • Provide work effort estimates, assist in project planning efforts including project task definition;
  • Execute the standard work relative to Product Cyber Security processes. Lead efforts in improving standard work;
  • Provide Product Cyber Security knowledge into proposals and risk assessments;
  • Responsible for suggesting and supporting new cyber tools usage;
  • Assist with training WWD members on national, regional, and international regulations/standards;
  • Responsible for keeping abreast of new and changing regulations and best practices pertaining to Product Cyber Security.

WHAT YOU WILL NEED:

  • Familiarity with:
  • specific OT / IACS products and systems, including challenges in securing them;
  • industrial cyber security concepts, such as NIST SP 800-82;
  • cybersecurity standards, such as: ISA/IEC 62443 family of standards, NIST Cyber Security Framework (CSF), NIST SP 800-53 and SP 800-171, NIST Cyber Security Framework;
  • sector-specific cybersecurity standards, such as: ISO/SAE 21434, IACS UR E 26 & E 27, NERC-CIP;
  • Public Key Infrastructure (PKI) concepts;
  • Experience in creating cyber security process documents (procedures, manuals, instructions);
  • Experience in developing, implementing, and evaluating cyber security requirements for OT/IACS products and systems;
  • Familiarity with IEC 61508 would be a benefit;
  • Strong teamwork approach;
  • Fluent English in writing and speaking;
  • Familiarity with software development and analysis tools including editors, compilers, linkers, debuggers, code analyzers, version control systems, software testing tools, etc.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Audits Compilers IEC 62443 Incident response Industrial ISO/SAE 21434 NIST NIST 800-53 PKI Risk assessment SDLC

Region: Europe
Country: Poland

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.