Jobbeschreibung
Step out of your comfort zone, excel and redefine the limits of what is possible. That's just what our employees are doing every single day – in order to set the pace through our innovations and enable outstanding achievements. After all, behind every successful company are many great fascinating people.
In a spacious modern setting full of opportunities for further development, ZEISS employees work in a place where expert knowledge and team spirit reign supreme. All of this is supported by a special ownership structure and the long-term goal of the Carl Zeiss Foundation: to bring science and society into the future together.
Join us today. Inspire people tomorrow.
Diversity is a part of ZEISS. We look forward to receiving your application regardless of gender, nationality, ethnic and social origin, religion, philosophy of life, disability, age, sexual orientation or identity.
Apply now! It takes less than 10 minutes.
-
Identify security design gaps in new and existing architectures, and collaborate with engineering teams to craft solutions that mitigate those issues.
-
Implement security solutions that protect products against cyber threats at every stage of the development lifecycle.
-
Conduct threat modeling exercises to identify potential security risks and recommend appropriate countermeasures.
-
Develop secure coding practices and provide guidance and training to product development teams.
-
Conduct code reviews to detect security risks in code.
-
Manage security incidents and provide guidance on incident management and response procedures.
-
Evaluate effectiveness of implemented security measures by means of audits and penetration tests.
-
Work closely with enterprise architects and other functional area architects to ensure relevant and adequate security solutions throughout all digital systems in your responsibility.
-
Conduct research into new technologies, architectures, and security products to support security requirements for the products, customers, business partners and vendors.
-
Professional education / studies in the field of Information Security or equivalent combination of education and working experience.
-
Certifications such as CISSP, CCSP would be an advantage.
-
Experience in developing security architecture artefacts and reference architectures ideally within manufacturing sector or equivalent.
-
Experience managing 3rd party service and technology providers.
-
Familiarity with security frameworks, standards and best practices, such as ISO 27001, ASVS and OWASP Top10.
-
Experience with threat modeling methodologies.
-
Experience implementing or working within a Secure Development Lifecycle environment.