Talent.com
Product Security Program Administrator

KION • Grand Rapids, Michigan, USA

This role resides within Dematic's product security organization, responsible for the security of software and operational technology (OT) solutions used within automated warehouse environments. Dematic is an OEM and Systems Integrator of automated supply chain innovations such as conveyance, robotic mixed-case palletizing, micro-fulfillment centers, autonomous mobile robots and high-density buffer storage overhead systems.

Reporting to the Senior Manager of OT Security, the Product Security Program Administrator will be responsible for the administration of the Product Cybersecurity Design Program (PCDP). Aligned with IEC, the PCDP is Dematic's formal process to address product lifecycle security.

The incumbent will consult disparate product teams on the required processes, activities and deliverables relating to the PCDP. The incumbent will align with the process excellence and quality teams to ensure maintenance of the PCDP and regulatory compliance of Dematic products. The incumbent will guide a growing team of risk analysts and security engineers to fulfill day-to-day task work. The incumbent will embed with matrixed technical teams to research, audit and produce specifications (i.e. context of use, threat model, risk assessment) resulting in regulatory compliance and risk informed controls engineering. The incumbent will leverage existing processes & standards and will create / update / publish information to supplement and grow the PCDP. The incumbent may assist in research and response to contract proposal or RFQ requests.

The scope of this role is component & system-wide security for Dematic products & solutions as applied to warehouse automation equipment, machine controls, software and networks. The incumbent will provide varying levels of process & technical consultancy to product management, product engineers and 3rd party vendors to ensure programmatic & technical security requirements for Dematic's sophisticated industrial automation control products are satisfied. If you are passionate about risk informed engineering, compliance with emerging security regulations and creating the future in a breakthrough segment of OT cybersecurity, this role is for you!

We offer :

  • Career Development
  • Competitive Compensation and Benefits
  • Pay Transparency
  • Global Opportunities

Learn More Here : provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

The base pay range for this role is estimated to be $93750-$125000 at the time of posting. Final compensation will be determined by various factors such as work location, education, experience, knowledge and skills.

Tasks and Qualifications :

What You Will Do in This Role :

  • Administrate the Product Cybersecurity Design Program (PCDP).
  • Consult disparate product teams on the required processes, activities and deliverables relating to the PCDP.
  • Execute the risk assessment and design review responsibilities defined within the PCDP tollgates.
  • Champion the risk management framework within the PCDP resulting in secure-by-design products and reusable internal standards.
  • Align with product teams to conduct context of use, threat modeling and initial risk assessment within Dematic's existing product catalog.
  • Align with the quality and process excellence teams to drive regulatory security compliance of products.
  • Maintain regular alignment and information sharing with enterprise IT, CTO, R&D and other functions.
  • Work closely with technical engineering teams to validate / supplement audit findings, derive appropriate technical controls and produce required security documentation.
  • Apply risk-based methodology to justify risk mitigation or acceptance.
  • Specify controls based on risk informed decision-making, accounting for finite resources and business priorities.
  • Contribute & participate in regular scrums, technical design reviews and regulatory security activities.
  • Balance Dematic's role as OEM and System Integrator against responsibilities and reasonable expectations of the Asset Owner within the risk management framework to achieve stewardship of finite resources.
  • Convert product & system deliverables into Standards and publish within the PCDP for future reuse.
What We Are Looking For :

  • BS / MS in an engineering or computer science field or 5 years of industrial automation, networking, electrical engineering or cybersecurity auditing experience, including technical knowledge of various security frameworks, standards, applications and applied approaches.
  • Process oriented expertise in risk informed cybersecurity engineering based on best practice and industry standards (i.e. IEC 62443) to produce secure by design products and fulfill emerging regulatory requirements.
  • Experience in security or risk management relating to industrial automation control systems.
  • General knowledge of hardware, embedded devices, firmware, IT hosted software development and operating systems is required.
  • Possession of excellent verbal and written communication skills within an organizational setting is strongly required.
  • Keen ability to be a self-starter, execute with minimum supervision and thrive in a breakthrough segment of OT cybersecurity.
  • CISSP, CRISC, GICSP, Security+, Network+ or similar certifications.
  • Location & Authorization : This is a hybrid role requiring proximity to one of our U.S. offices (Grand Rapids, MI; Plano, TX; Salt Lake City, UT; or Milwaukee, WI). Applicants must be authorized to work in the U.S. without the need for current or future sponsorship.

    Required Experience :

    Unclear Seniority

    Key Skills

    Splunk, IDS, Identity & Access Management, PCI, Windows, Authentication, NIST Standards, Firewall, Security, Information Security, Encryption, SIEM

    Employment Type : Full Time

    Experience : years

    Vacancy : 1

    Monthly Salary : 93750 - 125000

    Program Administrator • Grand Rapids, Michigan, USA