Deep Sea Electronics Ltd (DSE) are a leading UK electronics manufacturer specialising in the development of advanced control and automation products for the power generation and off-highway vehicle markets. Our range of solutions includes connected devices that are subject to the latest cybersecurity standards.
The cybersecurity lead will be responsible for overseeing the cybersecurity aspects of our products. They will work closely with cross-functional teams including engineering, operations, and commercial to ensure products comply with regulations and adhere to industry best practices.
Requirements:
* Expert in C/C++ for embedded systems
* Cybersecurity development processes, including risk assessment techniques
* Security protocols and techniques, encryption, key storage, secure boot, and trust zones
* Knowledge of RED and CRA regulations
* Cybersecurity standards, IEC 62443, EN18031
* BSc in computer science or related degree qualification
* Familiar with stage-gated/agile development approaches
* Comfortable collaborating and communicating with embedded systems engineers and company executives alike, bridging the gap between technical and management
* Held a role focused on cybersecurity in embedded systems
* Practical experience with the relevant standards
* Leadership as a primary contributor to risk analysis, mitigations, and translation of requirements
Key Duties & Responsibilities:
* Lead the cybersecurity program at DSE Ltd
* Coordinate, develop, and maintain the cybersecurity strategy and policies for the development of products within the DSE product range
* Work cross-functionally with other departments to ensure full coverage of the relevant cybersecurity regulations, including the EU Cyber Resiliency Act
* Work with product management to drive cybersecurity initiatives into the product roadmap
* Lead the identification, assessment, and mitigation of cybersecurity risks associated with product development and deployment
* Oversee the preparation and submission of necessary documentation for compliance with IEC 62443 and related regulatory requirements
* Ensure continuous alignment with industry regulations and frameworks related to industrial cybersecurity
* Collaborate with engineering teams to integrate security features into product design and architecture
* Advise on secure software development practices and secure by design principles
* Lead vulnerability assessments, threat modeling, and penetration testing efforts for product solutions
* Ensure secure remote access, network security, and secure communication protocols are implemented throughout the products
* Act as the primary point of contact for cybersecurity incidents and response within the product development lifecycle
* Work with internal teams to implement lessons learned from security incidents and continuously improve security measures
* Conduct post-incident reviews and develop preventative measures to mitigate future risks
* Serve as a cybersecurity subject matter expert for internal and external stakeholders
* Educate and train internal teams on cybersecurity best practices, emerging threats, and mitigation strategies
* Work closely with customers and regulatory bodies to address cybersecurity requirements and concerns
Internal & External Relationships:
* Engineering Management team – assist with the implementation of cybersecurity projects
* Test and Approvals department – assist with training and in the development of test programs and procedures for cybersecurity
* Technical Support – assist technical support with more involved customer queries, and technical authoring support including review of security manuals
* Commercial sales team – support customer-facing sales literature and promotion of cybersecurity awareness at DSE
Benefits:
* 25 days holiday + Bank Holidays
* Life Insurance
* Enhanced Maternity/Paternity pay
* 5% Pension contributions
* Company-wide performance-based annual bonus scheme
#J-18808-Ljbffr