Senior Product Software Security Specialist – 10527

Veritaz is a leading IT staffing solutions provider in Sweden, committed to advancing individual careers and aiding employers in securing the perfect talent fit. With a proven track record of successful partnerships with top companies, we have rapidly grown our presence in the USA, Europe, and Sweden as a dependable and trusted resource within the IT industry.

Assignment Description:

We are looking for a Senior Product Software Security Specialist to join our dynamic team.

What you will work on:

• Ensure compliance with industrial security standards and regulations by performing assessments against IEC 62443-4-1, IEC 62443-4-2, CRA, and RED. Support R&D teams in achieving security compliance with relevant standards and legislation.
• Conduct threat modeling and risk assessments specific to industrial software, focusing on attack vectors such as remote access, third-party software, and network protocols. Develop and improve processes and templates for threat modeling and risk assessment.
• Address customer security questionnaires related to industrial products and translate customer requirements into actionable product security specifications.
• Integrate security best practices throughout the Secure Software Development Lifecycle (SDLC) for industrial systems, ensuring that security is embedded in every stage from design to deployment and ongoing maintenance.
• Support the integration of security testing tools into test and development environments, including CI/CD pipelines.

What you bring:

• 3+ years of experience in software or product security, preferably in industrial or OT environments.
• Proven experience in assessing and securing software for industrial control systems (ICS), SCADA systems, or embedded software.
• Strong understanding of software/product security principles and proficiency in securing industrial software systems.
• Expertise in threat modeling, risk assessment, and implementing security controls.
• Familiarity with cybersecurity standards such as IEC 62443.
• Proficiency in programming languages relevant to industrial systems (e.g., C/C++, Python, Java) and secure coding practices.
• Excellent communication skills for effective collaboration with cross-functional teams, including product managers, marketing, and developers.
• Optional certifications such as ISA/IEC 62443 Cybersecurity Certification or Certified Secure Software Lifecycle Professional (CSSLP).
• Proficiency in English for both written and verbal communication.