Product Information Security Engineer
מס' המשרה: 20109
שם המשרה: Product Information Security Engineer
אזור: צפון
תיאור של המשרה:
A leading global company that develops medical devices is looking for a Product Information Security Engineer
In this role, you will be responsible for building an accountable, information security-conscious culture, and a system security infrastructure built on high-quality standards backed-up by effective operational procedures and regular status monitoring and reporting activities.
• Helping validate that our products and services are designed and implemented to the highest security standards
• Create threat models for products you're responsible for, and leverage them to prioritize time-based on risk impact.
• Collaborate with our QARA, R&D, and Corporate I.T. to rapidly and fundamentally improve the security posture of the cloud company products
• Define the right detectors and data we need to stop attackers
• Perform architecture reviews
• Educate and train product teams on security topics and skills to extend AppSec's reach by deputizing product teams to help themselves
•
Qualifications
• Education: at least one of the following certifications: Cloud Security Knowledge/ Cloud Security Professional/ Cloud Security Specialist (CC)
• At least 5 years of experience in Cyber Security, including Cloud Security
• Demonstrated Understanding of crypto basics (encryption, signing, certificates, common algorithms)
• Knowledge of common security-relevant protocols (e.g., SSH, TLS, DNS, DHCP, NTP, ICMP)
• Deep knowledge of cloud computing infrastructure, focused on Kubernetes, Containers, and the major players (Azure, AWS)
• Wide knowledge of Web technologies, security products for Cloud/Web
• Experience in writing procedures and reports
• Excellent English (both oral and written)
• Proven experience with a wide variety of technologies and cloud services such as Azure Service Fabric, Event Hub, Azure SQL, Blobs, etc. -an advantage
• Knowledge of security frameworks and regulations such as ISO 27001, HIPAA, SOC 2, GDPR, CCPA, IMDRF- an advantage
• Proficient hands-on coding skills, scripting: PowerShell, BAH, Ansible, etc- an advantage
Prepare technical specifications and executive-ready communications
