Global Cybersecurity Compliance Leader
Bengaluru, IN
Dover Corporation
Dover is a diversified global manufacturer with annual revenue of over $7 billion. We deliver innovative equipment and components, specialty systems, consumable supplies, software and digital solutions, and support services through five operating segments: Engineered Products, Fueling Solutions, Imaging & Identification, Pumps & Process Solutions and Refrigeration & Food Equipment. Dover combines global scale with operational agility to lead the markets we serve. Recognized for our entrepreneurial approach for over 60 years, our team of approximately 24,000 employees takes an ownership mindset, collaborating with customers to redefine what's possible. Headquartered in Downers Grove, Illinois, Dover trades on the New York Stock Exchange under "DOV." Additional information is available at dovercorporation.com.
- Job Title: Global Cybersecurity Compliance Leader
- Location: Bangalore
- Department: Product Safety and Compliance
The Role
The Global Cybersecurity Compliance Leader ensures that products (machines and software solutions) comply with the regulatory requirements of the markets in terms of cybersecurity.
What you will do:
- On an ongoing basis, determine the strategy (make or buy, laboratory selection, methodology…) and process to deploy the cybersecurity program; inform, educate and negotiate with transversal teams to meet the objectives
- Continuously monitor emerging regulations and/or regulatory change, assess the impact on current and future products (machine and software solution) and assure maintenance of certifications or receipt of new certifications.
- For the new development or modification of a software solution or SaaS:
  - Determine the cybersecurity regulations applicable from a regulatory, market or application point of view
  - Extract the relevant requirements and guarantee pre-compliance during the development phase (design review, pre-analysis, pre-testing) by working with the various departments in the organization
  - Define the certification plan: strategy, activities, deadlines, costs, and resources
  - Carry out the analysis (gap assessment, threat modelling) or tests (penetration test) using the resources at your disposal and/or in cooperation with external laboratories
  - Manage the implementation of the certification plan in cooperation with the various departments in the organization
  - Analyse test results to identify any non-conformities and propose action plans to remedy them
  - Build and register certification dossiers
- For the new development or modification of the software platform, firmware or application of a machine:
  - Carry out the same actions as above by supervising and supporting CORE or PERIPHERAL certification engineers
- Based on a request relating to cybersecurity from the organization, a customer, customs or a government authority:
  - Provide support and expertise in response to the request
Nature and scope of the responsibilities:
- Define the processes, the policy, and the strategies relating to cybersecurity for the department, hardware product safety and compliance, with validation on results
- Responsible for the cybersecurity domain for all products of the Dover Imaging and Identification division (including BlueBite, Packaging intelligence) and for all market sales
- Select and order testing services from competent laboratories
- Provide proof of conformity when requested by customs, a government authority or a customer
- Handle a wide range of sensitive data
Work relations:
Reports to: Manager, Global Product Safety and Compliance
Internal relations:
- Report progress to the project manager, marketing manager and product Division Directors
- Support certification engineers for machine cybersecurity certifications
- Exchange technical information with certification engineers, design engineers (software and firmware), procurement, purchasing, production and factory process teams
- Provide support to and educate the engineering team, certification engineers, sales and customer support
- Describe and recommend cybersecurity orientations at Director level
External relations:
- Exchange technical information with government agencies and relevant laboratories
What you need to have:
- 5 years' higher education in cybersecurity
- In-depth knowledge (5-7 years' experience) of cybersecurity compliance for software and industrial machinery: SOC 2 Type I/II, IEC 62443 series, 18031 series or ISO 27001
- Knowledge of project management skills and tools
- Knowledge of the complete end-to-end software product lifecycle with security certification (DevSecOps)
- Expertise in cybersecurity good practices, threat modeling, vulnerability analysis, penetration testing
- Ability to identify applicable regulations and read and interpret standards
- CSSLP, CISSP or CEH certification would be an added advantage
- Fluent English and excellent verbal and written communication skills
You’ll only be the right candidate if you are aligned to our values and culture:
- Collaborative entrepreneurial spirit
- Winning through customers
- High ethical standards, openness and trust
- Expectations for results
- Respect and value people
If you believe you match our values and have the experience we’re looking for, then apply! We can’t wait to hear from you.
All qualified applicants will receive consideration for employment without discrimination on the basis of race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, age and genetic information.
Work Arrangement: Hybrid
All qualified applicants will receive consideration for employment without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other factors prohibited by law.
Fraudulent Recruiting Disclaimer: Dover Corporation and our affiliated operating companies want to alert applicants to internet job posting fraud, where parties posing as Dover employees, recruiters, or other agents, try to engage with online candidates in an attempt to steal personal and/or financial information. We do not endorse or engage in any recruitment practices that involve payment or personal information outside of our official application and hiring process. Please verify the authenticity of an invitation to apply for a job, or for a job offer by contacting us directly through our Dover and affiliated operating company websites at https://careers.dovercorporation.com/. To learn how you can protect yourself, review our Recruitment Fraud Notice on our careers site.
This position may be located in: APAC : India : Karnataka : Bengaluru
Sub Division : Engineering
Job Requisition ID : 58579
Job Function : Legal & Compliance