As Senior Information Security Subject Matter Expert for Software Engineering, you will be expected to provide subject matter expertise, advice, and guidance to an established network of stakeholders for development of digital products and services within the global organization. Additionally, you will be responsible for oversight and development of security policies and guidelines related to Software Development and Software Lifecycle of digital products.
● play a key role in shaping and further developing the organization’s capabilities for secure software engineering and development of digital products and services for different business areas
● be responsible for defining security policies and procedure which address risks associated with software development for new solutions and products whilst fulfilling the business requirements
● provide consultation and advice on all matters relating to application security from technical to management level involving stakeholders from across the organization
● collaborate with the software engineering teams of IT and business responsible for development of new software to help ensure a high level of security and compliance with the organization’s policies
● oversee the security within the whole Software Development Lifecyle from design through implementation to operation and maintenance of software solutions within the organization and for products delivered to our customers.
● help ensure applications and products are protected against common and specific threats fulfilling the quality expectations related to our brand
● be part of a dynamic and motivated team with a passion for Information Security consisting of people with different experience levels, personalities and based in different countries
● keep a forward-looking view on emerging technologies and trends which may have a positive or negative impact on security within the development strategy and affected system
● Apprenticeship / professional education / studies in the field of Information Security (Bachelor's or Master’s degree) or equivalent combination of education and working experience
● 3-5 years of professional experience in a fields related to Information Security and >2 years professional experience in software engineering or similar.
● Comprehensive technical knowledge about software engineering, application security, security frameworks like OWASP and at least basic knowledge in further security areas like cloud, network, and authentication.
● Good understanding of the common threats posed to applications and digital products in hybrid environments
● Ability to work in a structured and independent way with analytical, problem-solving, and decision-making skills
● Ability to correlate technologies, understand complex environments and business requirements
● Ability and self-motivation to constantly keep up to date with new technologies and concepts
● Sharing your knowledge and know-how to advance the team is in your nature
● Fluent English or German language skill
Your ZEISS Recruiting Team: