Visit development organization virtually and onsite to determine the software processes used to create the software and advise/account for what improvements, if any, are needed to meet IEC 62443 security development requirements.
More Uses of the CSSLP Toolkit:
- Manage: document findings and architectural issues for development and other security teams consumption.
- Engage with your organization on continuous improvement of your Secure Development Lifecycle (SDL) process and certifications.
- Drive: software engineer to lead a distributed team of software engineers, in developing new and innovative solutions for a number of defense department customers.
- Develop metrics and communicate the compliance posture and effectiveness to Management on a scheduled basis.
- Drive efforts with the engineering teams to quantify residual product risk and identification of appropriate security architecture.
- Drive efforts with the development teams to quantify residual product risk and identification of appropriate security controls.
- Provide training, coaching, and expert consultation in secure development practices to the business and development teams.
- Provide support to development and engineering teams with respect to security and privacy controls/queries.
- Perform detailed pre audits to evaluate compliance levels to identify and remediate control gaps.
- Be accountable for offering the technology transformations, strategy, and mission services needed to get the job done.
- Validate that product security and compliance activities are completed and provide sign off prior to deployment.
- Ensure you lead efforts with the development teams to quantify residual product risk and identification of appropriate security controls.
- Provide product security related coaching/mentoring and security expertise for all software and firmware development teams in SPS.
- Identify, prioritize, and help implement security improvements that maximize security while keeping developers productive.
- Make sure that your organization certifications in security and privacy demonstrating deep practical knowledge as CSSLP or CISSP.
- Establish that your organization leads and/or lead business, culture, technical, and practice initiatives that support information security and continuous improvement across your organization.
- Be accountable for evaluating, designing, testing, and recommending new or improved controls to keep FUSE current with industry standards and compliance requirements.
- Perform system maintenance, manage coordinate, and implement software upgrades, patches, hot fixes on servers and workstations (as necessary).
- Direct: design, prototype, support, and validate scalable security solutions to eliminate systemic issues.
- Confirm your organization focus on secure software development lifecycle, blend with and understand your agile based software development methodologies, prioritizing applications and services based on risk.
- Contribute to iot and embedded security through your software architecture leadership team and software architecture standard.
- Ensure you lead secure design, coding and/or testing workshops to teach other engineers at Dell how to efficiently apply security development practices.
- Identify and understand inherent, systemic high risk security issues that could lead to security incidents.
- Ensure you practice safe change management almost daily to protect all features and system functions, and orient your pragmatic mindset to sustain business goals.
- Integrate with product development and engineering teams to monitor the ongoing operations with respect to requirements established for security and privacy.