Visit development organization virtually and onsite to determine the software processes used to create the software and advise/account for what improvements, if any, are needed to meet IEC 62443 security development requirements.

More Uses of the CSSLP Toolkit:

  • Manage: document findings and architectural issues for development and other security teams consumption.
  • Engage with your organization on continuous improvement of your Secure Development Lifecycle (SDL) process and certifications.
  • Drive: software engineer to lead a distributed team of software engineers, in developing new and innovative solutions for a number of defense department customers.
  • Develop metrics and communicate the compliance posture and effectiveness to Management on a scheduled basis.
  • Drive efforts with the engineering teams to quantify residual product risk and identification of appropriate security architecture.
  • Drive efforts with the development teams to quantify residual product risk and identification of appropriate security controls.
  • Provide training, coaching, and expert consultation in secure development practices to the business and development teams.
  • Provide support to development and engineering teams with respect to security and privacy controls/queries.
  • Perform detailed pre audits to evaluate compliance levels to identify and remediate control gaps.
  • Be accountable for offering the technology transformations, strategy, and mission services needed to get the job done.
  • Validate that product security and compliance activities are completed and provide sign off prior to deployment.
  • Ensure you lead efforts with the development teams to quantify residual product risk and identification of appropriate security controls.
  • Provide product security related coaching/mentoring and security expertise for all software and firmware development teams in SPS.
  • Identify, prioritize, and help implement security improvements that maximize security while keeping developers productive.
  • Make sure that your organization certifications in security and privacy demonstrating deep practical knowledge as CSSLP or CISSP.
  • Establish that your organization leads and/or lead business, culture, technical, and practice initiatives that support information security and continuous improvement across your organization.
  • Be accountable for evaluating, designing, testing, and recommending new or improved controls to keep FUSE current with industry standards and compliance requirements.
  • Perform system maintenance, manage coordinate, and implement software upgrades, patches, hot fixes on servers and workstations (as necessary).
  • Direct: design, prototype, support, and validate scalable security solutions to eliminate systemic issues.
  • Confirm your organization focus on secure software development lifecycle, blend with and understand your agile based software development methodologies, prioritizing applications and services based on risk.
  • Contribute to iot and embedded security through your software architecture leadership team and software architecture standard.
  • Ensure you lead secure design, coding and/or testing workshops to teach other engineers at Dell how to efficiently apply security development practices.
  • Identify and understand inherent, systemic high risk security issues that could lead to security incidents.
  • Ensure you practice safe change management almost daily to protect all features and system functions, and orient your pragmatic mindset to sustain business goals.
  • Integrate with product development and engineering teams to monitor the ongoing operations with respect to requirements established for security and privacy.

 

Categories: Articles