Loading...
Share this Job
Location: 

Noida, IN

Date:  Sep 8, 2021
Job ID:  750

Security Expert

Barco designs technology that makes everyday life a little better. Seeing beyond the image, we develop sight, sound, and sharing solutions to help you work together, share insights, and wow audiences. Our focus is on three core markets: Enterprise (from meeting and control rooms to corporate spaces), Healthcare (from the radiology department to the operating room), and Entertainment (from movie theaters to live events and attractions). With a team of over 3,300 employees, located all around the globe, we realized sales of 770.01 million euro in 2020. 

Barco designs technology to enable bright outcomes around the world. Seeing beyond the image, we develop visualization and collaboration solutions to help you work together, share insights, and wow audiences. Our focus is on three core markets: Enterprise (from meeting and control rooms to corporate spaces), Healthcare (from the radiology department to the operating room), and Entertainment (from movie theaters to live events and attractions). We have a team of 3,600 employees, located in 90 countries, whose passion for technology is captured in 400 granted patents. As part of GEAX organization which is the Software product development group at Barco our vision is to be a world class software team partnering with our businesses to offer successful software solutions and outcomes that delight our customers and set the trend in our dynamic markets.

 

Key Responsibilities

 

  • Advice and guide product security strategy (“security by design”) together with product security architect and security office
  • Execute and guide threat modeling exercises and security risk analyses during design/development phases
  • Design and document technical security controls in different product lines ranging from embedded to cloud deployments
  • Challenge R&D teams and system architects about the why and how technical security controls should be integrated
  • Guarantee compliance with privacy regulations from product development perspective in cooperation with product security architect and data protection officer
  • Monitor and improve security controls in the design and development phases:
    • Security baseline
    • Code review process
    • Vulnerability management (e.g. of open source packages)
    • Vulnerability scanning (tooling and configuration)
    • Application security testing
  • Follow up incident response management and vulnerability disclosure processes
  • Follow up ISO 27001 ISMS/audit for all product development related subjects
  • Create security whitepapers of the different product lines
  • Stay up-to-date with latest security/privacy technologies, trends and regulations and translate impact to the business stakeholders

 

Qualification

  • Master degree in IT or information security, or equivalent by experience
  • At least 5 years of experience in information security management, preferably also from development perspective (defensive side)
  • Solid understanding of security protocols, cryptography, authentication, authorization and best practices
  • Broad technical knowledge: from embedded devices to cloud deployed services
  • Familiar with OWASP project (Top 10, ASVS, SAMM, …)
  • Coding skills: C, C++, javascript
  • Preferably holder of certifications like GIAC, CISSP, CISM, …
  • Experience with agile development process across international teams
  • Well respected and influential, able to emphasize methodology, modeling, and governance, technologically neutral, persuasive, and enthusiastic
  • Good verbal, written, presentation, facilitation, and interaction skills, including ability to effectively communicate risks, issues and concepts to multiple organization levels and executive management
  • Customer centric mindset
  • Fluent in both spoken and written English
  • Hands-on experience with cloud platforms such as Amazon Web Services (AWS), Azure, MongoDB Atlas, …
  • Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security, SIEM implementation) within SaaS, IaaS, PaaS, and other cloud environments.
  • Preferably holder of generic certifications like GIAC, CISSP, CISM, … and/or cloud security specific certifications like:
    o    AWS Certified Security – Specialty
    o    Microsoft Certified: Azure Security Engineer Associate
    o    ISC2 Certified Cloud Security Professional Certification (CCSP)