Job
- Level: Senior
- Job Field: IT, Security, Test/QA
- Employment Type: Full Time
- Contract Type: Permanent employment
- Location: Balgach
- Working Model: Hybrid, Onsite
Your role in the team
- Being responsible for the security of our software development lifecycle, ensuring that all products (from cloud applications to embedded software) meet necessary security standards and regulations.
- Leading the implementation of the Security Development Lifecycle (SDLC), including: establishing, moderating, and following up on threat modelling activities and sessions in large (key) projects, and training others to moderate threat modelling sessions for smaller projects.
- Informal training and information sessions for (key) software engineers to increase awareness and competency in software security.
- Identifying needs and, with the help of (external) experts, organizing and conducting a strategy for penetration testing (pen test, ethical hacking) of products/systems that are already released or under development.
- Evaluation and definition of the tool landscape supporting the software compliance assessment process, which includes the SBOM (software bill of materials), the list of software licenses, the list of potentially vulnerable software components (CVE), etc.
- Reviewing and improving security of critical system functions in Operations (Production/Customizing/Service) and supporting Product Management regarding compliance and security relevant aspects when dealing with external partners (sales, customers).
- Acting as a "first contact point" if any questions arise from the R&D department.
- Providing guidelines, best practices, training, and documentation for the development team.
- Acting as a moderator, coach & mentor for the R&D teams.
- Working with the compliance team to ensure compliance with relevant security standards such as ISO 27001, NIST, and OWASP.
- Supporting internal and external security audits.
- Supporting assessment and audits of external software partners or software component suppliers with focus on contracts, liability, and security.
Our expectations of you
Education
- You hold a university degree in Software Engineering or a related discipline and preferably an advanced certification such as CISSP or CISM.
Qualifications
- Strong understanding of cybersecurity principles.
- Expertise in secure software development lifecycle (SDLC).
- Familiarity with programming languages such as C++, Python, or C#.
- Knowledge of security tools (e.g., static/dynamic code analysis tools, firewalls).
- Analytical skills for identifying and mitigating risks.
- Effective communication and moderation skills in English, with the ability to convey complex security aspects to a variety of different stakeholders.
Experience
- At least 5 years of experience in software security, application security, or a similar role.
Benefits
Work-Life-Integration
- 🕺 No Dress Code
- 🧳 Relocation Support
- 🅿️ Employee Parking Space
- 🙅‍♂️ No All-In Contracts
- 🏝 Extra Holidays
- 🏠 Home Office
- 🚌 Excellent Traffic Connections
- ⏰ Flexible Working Hours
This is your employer
Leica Geosystems, part of Hexagon
Graz, Zürich, Heerbrugg, Dornbirn, Wien
Leica Geosystems combines accurate measurement, positioning, and mapping technologies with industry-tailored workflows to help geodata-dependent industries capture, visualise, and analyse the physical world, turning data into actionable insights for better decision-making and improved efficiency. We are part of Hexagon, a global leader in measurement technologies with about 24,800 employees in 50 countries. Hexagon’s technologies provide the confidence vital industries rely on to build, navigate, and innovate. Yet measurement is only the beginning. Together, we bridge the physical and digital worlds to make cities and industries safer, smarter, and more sustainable. We bring that same mindset to how we work, offering a flexible annual working model based on a 40-hour week, giving you the freedom to organise your time effectively. Our hybrid working approach allows you to work where you are most productive.
Description
- Company Size: 250+ Employees
- Founding year: 1921
- Language: German, English
- Company Type: Established Company
- Working Model: Full Remote, Hybrid, Onsite
- Industry: Industry, Production, Electronics, Automatization
Dev Reviews
by devworkplaces.com
Total (4 Reviews)
- Working conditions: 4.8
- Engineering: 4.1
- Career Growth: 4.7
- Culture: 4.7