NXP Semiconductors

Product Security Incident Response Manager

NXP Semiconductors

full-time

Posted on:

Location Type: Hybrid

Location: GratkornAustria

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Cyber SecurityOpen Source

About the role

  • Empower our software development community in managing vulnerabilities in Third Party Components (TPS) and Open Source Software (OSS), ensuring robust security.
  • Define and develop best practices, streamline processes, and drive continuous improvement initiatives.
  • Contribute to new regulations and standardization activities that may impact product security or our way of working such as the upcoming EU Cyber Resilience Act.
  • Collaborate with innovators – partner with external security researchers, academia and research organizations on cutting-edge projects and vulnerability submissions.
  • Be a key player in risk management by supporting and leading triage and vulnerability assessments of product vulnerabilities.
  • Work cross-functionally with internal teams (engineering, product management, legal, etc.) to ensure timely resolution of incidents.
  • Own the process by generating and managing PSIRT JIRA tickets for validated vulnerabilities.
  • Provide updates about incident status, impact, and mitigation actions to relevant stakeholders.
  • Manage incoming Third Party vendor vulnerability pre-notifications and monitor internal and external sources to identify signs of security incidents related to our products.

Requirements

  • 3+ years of experience in product security incident response, investigation and vulnerability management across hardware and software products.
  • Bachelor’s/master’s degree in engineering – Computer Science, Electrical Engineering, Cybersecurity, or a related field.
  • Familiarity in a Security Operations Center or PSIRT or similar security incident response teams.
  • Familiarity with industry-standard security frameworks, standards, and regulations.
  • Understanding of security in the following areas - embedded systems, hardware and software; ability to quickly learn where needed.
  • Interests in security concepts, secure coding, and security best practices.
  • Excellent collaboration and communication skills to work effectively with cross-functional teams.
  • Ability to work independently, taking ownership of security initiatives and improving processes.
Benefits
  • home office
  • flexible working time
  • meal benefits
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
vulnerability managementproduct security incident responserisk managementsecure codingvulnerability assessmentsincident investigationsecurity frameworksembedded systemshardware securitysoftware security
Soft Skills
collaborationcommunicationownershipindependenceprocess improvementcross-functional teamworkleadershipproblem-solvinginitiativeadaptability
Certifications
Bachelor’s degree in Computer ScienceBachelor’s degree in Electrical EngineeringBachelor’s degree in CybersecurityMaster’s degree in Computer ScienceMaster’s degree in Electrical EngineeringMaster’s degree in Cybersecurity