Software Security Expert / Coordinator

Committed and with passion for precision we create digital reality solutions combining sensor, software, and autonomous technologies to empower a sustainable future.

Are you passionate about software security and eager to make a significant impact on the security of software products, from cloud applications to embedded systems? We are looking for aSoftware Security Expert / Coordinatorto take ownership of security across our software development lifecycle. In this role, you will be responsible for ensuring compliance with security standards and best practices while working closely with development teams to implement secure coding principles, threat modelling, and penetration testing strategies.

Software Security Expert / Coordinator

This appeals to you

• Being responsible for the security of our software development lifecycle, ensuring that all products (from cloud applications to embedded software) meet necessary security standards and regulations
• Drive the implementation of Security Development Lifecycle (SDLC ), which includes:

1. establishing, facilitating and tracking Threat Modelling activities and sessions in major (key) projects and training others to moderate threat modelling sessions for smaller projects
2. Informal training and information sessions for (key) software engineers to increase awareness and competency in software security
3. Identifying needs, organizing & conducting with help of (external) experts a strategy for penetration testing (pen test, ethical hacking) of products/systems which are already released or under development

• Evaluation and definition of the tool landscape supporting the software compliance assessment process, that includes SBOM (software bill of materials), list of software licenses, list of potentially vulnerable software components (CVE), etc.
• Reviewing and improving security of critical system functions in Operations (Production/Customizing/Service) and supporting Product Management regarding compliance and security relevant aspects when dealing with external partners (sales, customers)
• Acting as a “first contact point” if any questions are popping up from the R&D department. Providing guidelines, best practices, training and documentation for the development team. Acting as a moderator, coach & mentor for the R&D teams
• Working with compliance team to ensure relevant security standards like ISO 27001, NIST and OWASP. Supporting internal and external security audits
• Supporting assessment and audits of external software partners or software component suppliers with focus on contracts, liability, and security

This is you

• You hold an university degree in Software Engineering or related discipline and preferably an advanced certification like CISSP or CISM
• At least 5 years of experience in software security, application security, or a similar role
• Strong understanding of cybersecurity principles
• Expertise in secure software development lifecycle (SDLC)
• Familiarity in programming languages like C++, Python or C#
• Knowledge of security tools (e.g., static/dynamic code analysis tools, firewalls).
• Analytical skills for identifying and mitigating risks
• Effective communication and moderation skills in English being able to share complex security aspects to a variety of different stakeholders

We offer you

• Flexible annual working hours based on a 40-hour week, with 100% employment
• Vacation entitlement: 25 days from the age of 20, 27 days from the age of 40 and 30 days from the age of 50
• Hybrid Working model
• Bonus system and extra-mandatory pension fund contributions
• Individual training opportunities (internal and external)
• Relocation service
• Various Discounts (Health, Car, Entertainment and much more)
• Employee Events
• Flat hierarchy structure
• Warm and international corporate culture based on respect and cooperation

About Us

Hexagon is a leading provider of digital reality solutions and employs more than 24,000 people in 50 countries. You will be part of a strong, experienced, inspiring and motivated team of experts driving the future of Hexagon. You will use and develop your skills in our highly innovative and diverse environment.

Flexible working models allow you to ideally combine work and private interests.

Contact

If you have any questions, please do not hesitate to contact, Talent Acquisition Specialist.