Cybersecurity Engineer

About The Position

Requirements

• Bachelor’s degree in Engineering, Computer Science, Cybersecurity, or related field (or equivalent experience) AND 10+ years of experience in cybersecurity, product security, compliance, or regulated product environments
• Working knowledge of: IEC 62443 or similar product security standards
• ISO/IEC 27001 concepts
• Secure development lifecycle practices
• Experience supporting audits, assessments, or customer security reviews
• Familiarity with Web Application Security standards (OWASP, MITRE)
• Experience with application security technologies including SCA/SAST/DAST and the ability to identify false positives and assist with remediation planning
• Previous experience integrating security tools in CI/CD development pipelines
• Excellent verbal and written communications
• Critical thinker
• Works well independently

Nice To Haves

• 5+ years Cybersecurity experience
• Professional certification (CISSP, CCSP, GWAPT, GWEB, AWS SA / Certified Security, etc.)
• 1-3 years working directly with Cloud Infrastructure as code (CFT, TF) in AWS
• Familiarity with ServiceNow VM and GRC modules
• Development of automation and scripting 10+ years experience.
• Speaks Portuguese or Spanish

Responsibilities

• Security Compliance Execution: A&A security compliance support, implementation of EU CRA / IEC 62443 / ISO 27001 / ISO 9001, requirement translation into procedures/checklists/templates, evidence package development
• Audit & Evidence Management: Audit evidence preparation and maintenance, support for internal/ISO/customer audits, evidence collection and validation, audit coordination across teams
• Product Security & Compliance Support: EU CRA activities (secure-by-design documentation, vulnerability management, SBOM alignment), IEC 62443 secure development lifecycle support, mapping engineering practices to controls, participation in compliance reviews
• Customer & Third-Party Security Responses: Security questionnaire support, drafting and maintaining responses, technical input collection and validation, escalation of complex/high-risk issues
• Risk & Issue Tracking: Compliance gap identification, risk and deviation tracking, findings and corrective action management, remediation tracking, risk acceptance and exception documentation
• Cross-Functional Collaboration: Coordination with engineering, product, platform, quality, and enterprise security teams, alignment of security posture with implementation, driving closure of compliance gaps

Benefits

• 401(k)
• Dental insurance
• Vision Insurance
• Disability insurance
• Employee assistance program
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Paid Holidays