Product Security Engineer

Company Description

Accesa is a leading technology company headquartered in Cluj-Napoca, with offices in Oradea, Bucharest, Timisoara and 20 years of experience in turning business challenges into opportunities and growth.

A value-driven organisation, it has established itself as a partner of choice for major brands in Retail, Manufacturing, Finance, and Banking. It covers the complete digital evolution journey of its customers, from ideation and requirements setup to software development and managed services solutions.

With more than 1,200 IT professionals, Accesa also has a fast-growing footprint, establishing itself as an employer of choice for IT professionals who are passionate about problem-solving through technology. Coming together in strong tech teams with a customer-centric approach, they enable businesses to grow, delivering value for our clients, partners, industry, and community.

About the project

We're looking for a Security Expert with experience in application security for at least 4 years, who also has a consultancy approach in terms of Security Strategies, Security Standards and Frameworks or any other improvements needed in the context of an Application Security Life Cycle.

As a security expert you may coordinate security teams, of a specific department, and ensure that teams are working towards the right goals efficiently. Oversee the delivery of services, manage relationships, and take control of any issues in their department or specialism. This role will be a trusted adviser to development and business stakeholders and provide a broad knowledge of security strategies, processes, architecture, and best practices to enable a smoot understanding and fulfilling of security requirements. 

The position is an essential business partner and will take responsibility for assessing and managing product security risks for the business. This role will focus on ensuring that cyber security is considered in respect of all elements of a product. The Security Expert will be required to support business units and development teams with the requirements engineering, architecture, design, implementation, testing, deployment, and post-release continuous monitoring security strategies.

Job Description

The Security Expert is responsible to:

• Strategically plan, develop, and coordinate an effective Application Security program.
• Develop, establish, and maintain processes, procedures, and guidelines to promote the security within development responsible teams.
• Manage the operations and effectiveness of the security pipeline tools.
• Lead the security function for the business.
• Manage security specialists and ensuring their output aligns with the organization’s goals and priorities.
• Identify new security opportunities and challenges, ensuring that the right actions are taken to avoid risks.
• Encourage self-sustaining security practices and behaviors within delivery teams.
• Perform risk assessments for threats and incidents.
• Ensure that regulatory and legal requirements are met.
• Establish teams to implement new security solutions and managing budgets.
• Take ownership and responsibility for reaching objectives and meeting goals.
• Review the existing security position and stay updated on the security industry globally to propose positive changes.

Will coordinate the planning, implementation, and deployment of security features and improvements. May take the project management role on occasion and fulfill other duties as assigned.

Qualifications

• At least 4 years of relevant security experience in manufacturing industry
• Experience with crisis / emergency situations
• Knowledge of IT security technology, SDLC process with it's security touchpoints and security standards.
• Profound knowledge of security design strategies and corresponding standards that support the efficient execution of those strategies.
• Ideally having programming skills or experience in working in a development team 
• Excellent communication skills, negotiation skills and assertiveness.
• Initiative and a sense of responsibility.
• Strong analytical thinking skills and the ability to quickly grasp and process complex relationships in a way that is appropriate for the addressee
• Integrity, impartiality, responsibility and confidentiality
• Proficient in English language. German language would be a plus.
• Compliance standards (IEC 62443, TISAX, ISO 27001) and EU security directives knowledge would be a big plus.

Additional Information

At Accesa you can:

Enjoy our holistic benefits program that covers the four pillars that we believe come together to support our wellbeing, covering social, physical, emotional wellbeing, as well as work-life fusion.

• Physical: premium medical package for both our colleagues and their children, dental coverage up to a yearly amount, eyeglasses reimbursement every two years, voucher for sport equipment expenses, in-house personal trainer
• Emotional: individual therapy sessions with a certified psychotherapist, webinars on self-development topics
• Social: virtual activities, sports challenges, special occasions get-togethers
• Work-life fusion: yearly increase in days off, flexible working schedule, birthday, holiday and loyalty gifts for major milestones.