Sagentia Innovation is a science and engineering company that offers product advisory and development services driven by insight and invention.
We are involved in a variety of exciting software and product development projects. Examples include the development of mixed reality applications for pre- and post-surgery assessments, surgical robots for minimally invasive surgery, pre-natal non-invasive testing, advanced agricultural machinery for targeted pesticide delivery, mobile apps for implantable devices and many others.
We have dozens of projects in the medical, industrial, food and beverage, and consumer sectors from some of the world’s leading and best-known brands where you can make a genuine impact.
We are seeking a highly skilled Product Security Engineer to join our team. As a Product Security Engineer, you will be responsible for ensuring the security and compliance of products or software designed, developed, and maintained for our clients.
You will work closely with cross-functional teams to plan, identify, assess, and mitigate security risks in our product or software development process.
The ideal candidate will have hands-on software development experience with a deep understanding of cyber/security best practices and processes, strong technical skills, and experience in designing and implementing secure product or software solutions.
- Write security management plans for products or software to be developed for our clients.
- Drive the product or software security risk management process.
- Collaborate with cross-functional teams to identify and mitigate security risks and vulnerabilities as per the product security risk management process.
- Conduct security assessments and risk analysis.
- Develop and maintain security policies, procedures, and standards for our Quality Management System (QMS).
- Ensure product or software compliance with security and regulatory standards, such as HIPAA, PCI, and GDPR.
- 3+ years of experience in secure development lifecycles
- Experience of applying a security risk management process to a product or software solution
- Familiarity with cloud and web security best practices and frameworks such as NIST, ISO, SANS or CWE.
- Strong understanding of web application security vulnerabilities and attack vectors, such as OWASP Top 10.
- Experience with web application security testing tools such as Burp Suite, OWASP ZAP, and Nessus.
- Strong understanding of cloud computing platforms such as AWS, Azure, or Google Cloud Platform.
- Bachelor’s degree or higher in Computer Science, Cybersecurity or related field.
- Experienced in the development of secure connected medical products.
- Cloud security certifications such as AWS Certified Security - Specialty or Microsoft Certified: Azure Security Engineer Associate.
- Familiarity with DevSecOps practices
- Web security certifications such as GIAC Web Application Penetration Tester (GWAPT) or Certified Web Application Security Professional (CWASP).
- Comfortable operating in a fast-paced environment
What we offer you
- Competitive salary and bonus scheme
- Private health insurance
- Pension scheme
- Cycle to work scheme
A Day in the Life
In this role you will work closely with software developers, product owners and stakeholders in an Agile environment. While you will be expected to be hands-on with the product or software security risk management process, you will also be heavily involved in defining secure solution architectures, setting secure technical standards, and researching new approaches and technology options for secure cloud and web-based solutions.
Projects range in length anywhere from a couple of months to a couple of years. Typical projects will use a talented and collaborative cross-disciplinary team that provides insight into best practice product development in electronics design, mechanical design, software design and of course product/software design.
Your work will be based at our Sagentia Innovation offices in Epsom, Surrey with opportunities for short travel to client sites in Europe or USA. You will enjoy a fast-paced environment in which we solve a variety of challenges for different clients.