Campus Pride Jobs

JOB REQUIREMENTS: Position Overview: We are seeking a highly skilled and experienced Principal Security Engineer to join our product security team. This role is vital in strengthening the security posture of our products, including their cloud environments and networks, by ensuring compliance with industry standards such as IEC 62443. The ideal candidate will have a deep understanding of product and cloud security, hands-on experience with security assessments, and a strong ability to collaborate with engineering teams. This position requires a passion for developing security practices within an agile methodology and driving continuous improvement in the company\'s security processes. Key Responsibilities: * Lead security efforts for both product and cloud environments. You will work closely with infrastructure, networking, and product development teams to secure the entire product lifecycle. * Review and implement IEC 62443 controls for product security. Conduct gap assessments, identify control deficiencies, and ensure proper evidence is collected and logged within our security tools (e.g., CyberSaint). * Oversee and manage external penetration testing engagements, ensuring comprehensive testing and accurate results interpretation. Ability to assess penetration test reports for validity and accuracy. * Develop and standardize the Security Review process (including Security Reviews 1 and 2), ensuring consistency across all product lines. Collaborate with teams to ensure security checks are embedded in the product lifecycle (Concept, Design, Design Lock, Tooling). * Work closely with cross-functional teams including product developers, engineers, and senior leaders to define and implement security requirements throughout the development process. * Operate within an Agile framework to continuously improve and iterate on security processes while collaborating with agile teams to ensure security best practices are followed. * Maintain detailed documentation of all security assessments, including gap assessments, security review results, and action items for remediation. * Provide mentorship to junior team members, lead security initiatives, and influence security practices across the organization. Qualifications: * 7+ years of experience in security engineering, with a strong focus on product security, cloud security, and penetration testing. Previous experience in managing security compliance and performing risk assessments is essential. Technical Skills: * In-depth knowledge of security frameworks and standards (IEC 62443, ISO 27001, NIST, etc.). * Strong familiarity with cloud security practices (AWS, Azure, GCP, etc.). * Experience working with networking, infrastructure, and firmware security. * Ability to interpret penetration test results and provide actionable feedback. * Familiarity with security tools and platforms (e.g., CyberSaint, CES Vault, Powercell Consulting). * Expertise in managing security risk, conducting vulnerability management, performing threat modeling (e.g., STRIDE), and implementing secure development practices (e.g., Secure DevOps, SDLC). * Excellent communication and collaboration skills, with a demonstrated ability to work in a cross-functional team environment. Ability to influence security best practices and mentor others in security principles. Nice-to-Have: * CISSP, CISM, CISA, CEH, OSCP, or other relevant security certifications. * Experience with Agile development environments and working in DevSecOps teams. * Familiarity with industrial or product-specific security standards such as IEC 62443. * Experience with penetration testing tools and vulnerability assessment platforms. Beacon Hill is an Equal Opportunity Employer that values the strength dive To view the full job description please use the link below. https://www.aplitrak.com/?adid=YmJnZW5lcmljLjE0NDM2Ljg3NzBAYmVhY29uaGlsbGNvbXAuYXBsaXRyYWsuY29t ***** AP LICATION INSTRUCTIONS: Apply Online: https://www.aplitrak.com/?adid=YmJnZW5lcmljLjE0NDM2Ljg3NzBAYmVhY29uaGlsbGNvbXAuYXBsaXRyYWsuY29t This position is listed by a private employment agency. The agency is the legal employer. No fee will be charged of the job applicant.