Provide domain expertise and contributions within a team of product security engineers
Collaborate with engineers from other cross-functional groups such as systems, safety, and test to ensure product and program level needs are met
Development of security artifacts and required documentation to provide evidence of rigor in accordance with relevant standards
Ensure that security requirements are clearly defined, implemented and traceable
Audit embedded code to identify security vulnerabilities
Work with product and engineering teams to identify, implement, and advance security with our products
Lead product security initiatives and serve as a subject matter expert (SME)
Carry out risk assessments to prioritize threats and compare mitigation strategies
Conduct penetration tests and risk assessments in an automotive, industrial or disconnected environment
Work with Forterra engineers, vendors, and partners to drive vulnerability remediation
Perform activities such as sprint planning, task delegation, roadmap refinement and identifying markers of success

Requirements

BS in Computer Science, Computer Engineering, Information Security, Electrical Engineering or proof of exceptional skills in related fields, with practical software engineering experience
A minimum of 4+ years of work experience as a Product Security Engineer or related role
Ability to write security requirements and communicate them to other engineering teams
Demonstrated skill in hardware and software security, including a track record of identifying and mitigating high-impact vulnerabilities
Experience with software supply chain risk management and SBOMs
Familiarity with ISO/SAE 21434, NIST 800-218, NIST 800-53, and NIST 800-37
Knowledge and practical experience with the Risk Management Framework (RMF) for cybersecurity compliance and assessment
Strong communication skills, both written and spoken
Demonstrated ability to deal with ambiguity and to learn new technologies quickly

Benefits

Premium Healthcare Benefits: Three plan options, including an HSA-eligible plan, with Forterra covering 80% of the plan premium for you and your dependents.
Basic Life/AD&D, short and long-term disability insurance plans 100% covered by Forterra, plus the option to purchase additional life insurance for you and your dependents.
Extremely generous company holiday calendar including a winter break in December.
Competitive paid time off (PTO) offering 20 days accrued per year.
A minimum of 7 weeks fully paid parental leave for birth/adoption.
A $9k annual tuition reimbursement or professional development stipend.
Fully stocked beverage refrigerators with all the Celsius your little heart desires.
401(k) retirement savings plan, including traditional, Roth 401(k), and after-tax deferral with company match up to 4%.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

security artifacts developmentsecurity requirements definitionembedded code auditingpenetration testingrisk assessmentsvulnerability remediationsoftware supply chain risk managementSBOMshardware securitysoftware security

Soft skills

collaborationcommunicationleadershiptask delegationroadmap refinementdealing with ambiguitylearning new technologies quickly