Apply now »

 

 

 

 

Product Security Engineer

Landis+Gyr is a leading global provider of integrated energy management solutions. We measure and analyze energy utilization to generate empowering analytics for smart grid and infrastructure management, enabling utilities and consumers to reduce energy consumption. Our innovative and proven portfolio of software, services and intelligent sensor technology is a key driver to decarbonize the grid. Having avoided more than 9 million tons of CO2 in FY 2021 and committed to achieve carbon neutrality by 2030, Landis+Gyr manages energy better – since 1896. 
With sales of USD 1.5 billion in FY 2021, Landis+Gyr employs around 6,500 talented people across five continents.

 

Position Summary

Landis+Gyr seeks to hire a Product Security Engineer to join the Product Security team within the CISO organization. The Product Security Engineer will be collaborating with the product teams to identify and prioritize security vulnerabilities and ensuring that those are remediated within the project timeline. This individual will be responsible for maintaining current security tools and integrating new ones to various CICD pipelines. This role will ensure customer success by offering security consulting services that meet customer needs.

 

Key Responsibilities

  • Supports the Secure Development Lifecycle (SDLC) by integrating various security tools into the CICD pipelines, identifies and prioritizes vulnerabilities and assists developers in remediating the vulnerability findings by providing guidance.
  • Ensures customer success by understanding requirements, leveraging best practices and offering security consulting services that meet customer needs.
  • Supports commercial teams by building customer trust in the security of Landis+Gyr products.
  • Provides operational support for security escalations from customers.  Acts as the focal point for critical customer cybersecurity issues, product security compliance, and external security certifications.  Coordinates and tracks remediation of product security incidents.
  • Engages in application and domain-specific threat modeling and attack surface analysis and reduction.
  • Supports and adheres to Company’s core values.
  • Performs other duties or responsibilities as assigned or required.

 

Education and Experience

  • BS in Computer Science, Engineering or equivalent with 2-5 year’s relevant experience
  • Demonstrated programming knowledge – Java, C#, C, C++
  • Experience working with CI/CD and Infrastructure-as-Code tools: Jenkins, Gitlab, Terraform, CloudFormation
  • Knowledgeable in product/application security architecture – Service oriented architecture (SOA), Network security, Application security, PKI, Web services, REST APIs, Zero Trust design, Cloud Security
  • Technical experience in Security/Identity Management including SSO, LDAP, MFA and Provisioning
  • Experience with SAST, DAST, SCA and penetration testing tools
  • In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10, IoT Top 10 and SANS Top 25
  • Encryption knowledge, HSM (Hardware Security Modules)
  • Good analytical, and problem-solving skills; self-motivated, good organizational skills
  • Comfortable working in both on-premise and cloud environment (preferably GCP)
  • Excellent written & oral communication and presentation skills
  • Relevant security certifications such as CISSP

 

Knowledge, Skills, and Abilities

  • Excellent interpersonal and communication skills.
  • Strong customer orientation
  • Strong planning and organizational skills with an ability to plan and manage multiple projects simultaneously.
  • Attention to detail.
  • Problem analysis and resolution.
  • Ability to meet tight deadlines.
  • Excellent cyber security fundamentals (cryptography, key management, protocols, authentication, etc)
  • Comfortable building out integrations with security scanners and/or vendor products
  • Ability to perform security code reviews, security design reviews and threat modeling  
  • Ability to safeguard confidential information.

 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

 

If you have the drive and enthusiasm to accept this challenge and to work in a very dynamic, cross functional and international environment, we are looking forward to meeting you. Click apply now.

Job Title:  Product Security Engineer

Requisition ID:  15165
Location: 

United States (Remote), US

Workplace Type:  Remote
Career Level:  Experienced
Date Posted:  Aug 3, 2022


Nearest Major Market: Eugene

Apply now »