Cinter Career Services
Principal Security Engineer - AUTO OEM BACKGROUND
Cinter Career Services, Plano, Texas, us, 75086
We are seeking a
Principal Security Engineer someone who will handle and respond to security incidents related to its products or services. The main purpose of this role is to identify, assess, prioritize, and respond to vulnerabilities or threats that may impact the security of the organization's offerings. This role will help in building effective PSIRT to ensure greater product quality and fewer security patching updates, these outcomes not only keep costs down, they also help the brand by avoiding the appearance of being lax about a product's security.
Client (type/ industry): IT Solutions branch of a major Japanese companyWorking Location: On-Site (Plano, TX)Employment Type: Full TimeSalary: Up to $76-88/hBenefit: Full BenefitsVISA support: NO/ United States (Required)Language: English[Job Overview]Duties/Responsibilities:
Technical Leadership: Serve as the primary technical lead for investigating vulnerabilities and security incidents across various domains, including Vehicle, Application, and Back End systemsGuidance and Strategy: Provide expert technical guidance and contribute to the formulation of effective investigation strategies to swiftly identify and address security threatsPSIRT Support: Collaborate closely with the PSIRT Team to investigate and track identified vulnerabilities using the VVM Jira tool, thereby facilitating continuous improvement of the organization's security postureStakeholder Coordination: Liaise with stakeholders to assess vulnerabilities and recommend appropriate remediation or mitigation measures, ensuring timely and effective risk reductionRemediation & Mitigation Tracking: Monitor the progress of remediation and mitigation efforts using the VVM Jira Tool, maintaining close communication with Product Leads and Scrum Teams to ensure alignment and swift resolution of security issuesAd-hoc Technical Support: Provide on-demand technical expertise and support for various PCG services and programs as needed, leveraging a deep understanding of product security principles and best practicesRequirements:
Proven expertise in conducting technical investigations into security incidents and vulnerabilities across diverse OEM environments such as Vehicle, Application, and Back End systemsStrong familiarity with industry-specific tools and methodologies for vulnerability management and incident response within the OEM sectorExcellent communication skills with the ability to effectively convey technical information to diverse audiences and collaborate with cross-functional teams within an OEM contextDemonstrated ability to provide technical leadership, guidance, and mentorship to junior team members within an OEM settingExperience working with issue tracking and project management tools such as Jira for tracking vulnerabilities and remediation efforts, preferably within an OEM environmentAbility to adapt to fast-paced OEM environments and prioritize tasks effectively to meet OEM-specific deadlines and requirementsExperience with cybersecurity incident response frameworks such as NIST CSF, ISO 27035, or similarFamiliarity with Agile development methodologies and Scrum practicesPrior experience in automotive cybersecurity or related industriesKnowledge of scripting languages such as Python, PowerShell, or Bash for automation and tool development
Qualifications:
Bachelor's degree in computer science, Information Security, or a related technical field; or equivalent practical experience10+ years of Engineering experience in cybersecurity, incident response, vulnerability management, or related fields within the OEM industryWillingness to travel up to 15% of the time, with a minimum expectation of 2 days per month and 1 week per quarter for on-site engagements and collaboration within the OEM industryMaster's degree in computer science, Information Security, or a related technical fieldIndustry certifications such as CISSP, CISM, CEH, or equivalentBenefits:
Medical health insurance (including dental and vision)Competitive paid time off and company paid holidaysComp time for holidays worked401k matching programCompany profit sharingMerit increases and bonus structureProfessional development and education reimbursement
Principal Security Engineer someone who will handle and respond to security incidents related to its products or services. The main purpose of this role is to identify, assess, prioritize, and respond to vulnerabilities or threats that may impact the security of the organization's offerings. This role will help in building effective PSIRT to ensure greater product quality and fewer security patching updates, these outcomes not only keep costs down, they also help the brand by avoiding the appearance of being lax about a product's security.
Client (type/ industry): IT Solutions branch of a major Japanese companyWorking Location: On-Site (Plano, TX)Employment Type: Full TimeSalary: Up to $76-88/hBenefit: Full BenefitsVISA support: NO/ United States (Required)Language: English[Job Overview]Duties/Responsibilities:
Technical Leadership: Serve as the primary technical lead for investigating vulnerabilities and security incidents across various domains, including Vehicle, Application, and Back End systemsGuidance and Strategy: Provide expert technical guidance and contribute to the formulation of effective investigation strategies to swiftly identify and address security threatsPSIRT Support: Collaborate closely with the PSIRT Team to investigate and track identified vulnerabilities using the VVM Jira tool, thereby facilitating continuous improvement of the organization's security postureStakeholder Coordination: Liaise with stakeholders to assess vulnerabilities and recommend appropriate remediation or mitigation measures, ensuring timely and effective risk reductionRemediation & Mitigation Tracking: Monitor the progress of remediation and mitigation efforts using the VVM Jira Tool, maintaining close communication with Product Leads and Scrum Teams to ensure alignment and swift resolution of security issuesAd-hoc Technical Support: Provide on-demand technical expertise and support for various PCG services and programs as needed, leveraging a deep understanding of product security principles and best practicesRequirements:
Proven expertise in conducting technical investigations into security incidents and vulnerabilities across diverse OEM environments such as Vehicle, Application, and Back End systemsStrong familiarity with industry-specific tools and methodologies for vulnerability management and incident response within the OEM sectorExcellent communication skills with the ability to effectively convey technical information to diverse audiences and collaborate with cross-functional teams within an OEM contextDemonstrated ability to provide technical leadership, guidance, and mentorship to junior team members within an OEM settingExperience working with issue tracking and project management tools such as Jira for tracking vulnerabilities and remediation efforts, preferably within an OEM environmentAbility to adapt to fast-paced OEM environments and prioritize tasks effectively to meet OEM-specific deadlines and requirementsExperience with cybersecurity incident response frameworks such as NIST CSF, ISO 27035, or similarFamiliarity with Agile development methodologies and Scrum practicesPrior experience in automotive cybersecurity or related industriesKnowledge of scripting languages such as Python, PowerShell, or Bash for automation and tool development
Qualifications:
Bachelor's degree in computer science, Information Security, or a related technical field; or equivalent practical experience10+ years of Engineering experience in cybersecurity, incident response, vulnerability management, or related fields within the OEM industryWillingness to travel up to 15% of the time, with a minimum expectation of 2 days per month and 1 week per quarter for on-site engagements and collaboration within the OEM industryMaster's degree in computer science, Information Security, or a related technical fieldIndustry certifications such as CISSP, CISM, CEH, or equivalentBenefits:
Medical health insurance (including dental and vision)Competitive paid time off and company paid holidaysComp time for holidays worked401k matching programCompany profit sharingMerit increases and bonus structureProfessional development and education reimbursement