Nozomi Networks: Product Security Engineer at Nozomi Networks (Mendrisio, Switzerland) (Mendrisio, Switzerland)

Posted: Jun 4, 2021

Nozomi Networks is the leader of industrial cybersecurity. Whether our clients need fast product enhancements, onsite engineering support, or rapid deployment across continents, we deliver. We accelerate digital transformation by providing exceptional network visibility, threat detection and operational insight for OT and IoT environments.


Position Description:


You will be an individual contributor inside the Engineering team, leading the product security efforts of Nozomi Networks. You will lead the projects to evolve and mantain a robust product security strategy. In your day by day work you will be able to involve other Nozomi Networks employees and external contractors as deemed necessary.


Key Responsibilities:



  • Penetration and vulnerability assessment review and validation

  • Composition analysis review

  • CVE reviews

  • Security validation

  • Reviews and development of specific security features

  • Conducting risk assessment, penetration testing, code reviews, and static analysis or other security validation of specific projects

  • Projects and research work as needed


Required Skills:



  • Degree in a technology-related field required

  • 5+ years of experience in a combination of risk management, information security, and IT jobs

  • Knowledge of common information security management frameworks, such as ISO/IEC 27001 and NIST

  • Experience in Agile software development and other best engineering/development practices and tools

  • Experience with at least one of the major cloud computing vendors (AWS is preferred)

  • Ability to operate in settings with strong confidentiality and data privacy protocols

  • High level of English proficiency, both spoken and written

  • Good knowledge of crypto algorithms

  • Some hacking experiences

  • Secure coding

  • A good understanding of network and web-related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, etc.)

  • Good knowledge of Ruby and Ruby on Rails, Bash script, C++, Linux/Docker, and FreeBSD

  • Ability to find security problems in code and design

  • Common web languages, protocols, and formats incl. SSL, JSON, HTML, JavaScript, OAuth, etc..

  • Organized and autonomous in project and time management


Good to have:



  • OT/IoT knowledge

  • Professional security management certification is a strong advantage

  • Secure Software Lifecycle Development standards experience

  • Knowledge of tools like Synopsys, Qualys, and environments like Kubernetes

  • Curious with a constant desire to learn and collaborate


Our values:



  • Automate everything, so that humans can concentrate on the interesting stuff

  • Continuous personal improvement, we encourage to attend conferences and offer training classes

  • Shipping high quality software is our main concern


Benefits:



  • Flexible work hours

  • Generous vacation plan

  • Free coffee

  • New MacBook Pro + Monitor

  • Paid relocation

  • A beautiful view on Swiss mountains

More Information

Source: Stack Overflow


More Opportunities: