Product Security Consultant

Bureau Veritas•Remo, VA

10d•Remote

About The Position

Bureau Veritas offers dynamic, exciting employment opportunities with an attractive salary/benefit package and an opportunity to play a vital role with a global organization. Bureau Veritas is an Equal Opportunity Employer, and as such we recruit, hire, train, and promote persons in all job classifications without regard to race, color, religion, sex, national origin, disability, age, marital status, citizen status, sexual orientation, gender identity, genetics, status as a protected veteran, or any other non-job-related characteristics. This position is responsible to ensure equal opportunity in employment in that all persons are treated equally and on the basis of merit, in decisions regarding selection, placement, promotions, training, work assignments, transfers and other personnel actions. Imagine your customer is a leading industrial component manufacturer, specializing in top-notch manufacturing and transportation equipment. You have ambitious goals: to streamline processes, ensure top-quality certifications for your client’s products, and guarantee cybersecurity. That’s where you come in. Our analysis will bridge any gaps in processes and products, and you will stand by your client as you address these challenges. With our expertise in penetration testing, risk assessment, and independent security evaluation, you will assist your client in raising their cyber resilience like never before. Your success story? It's written in the certification. Now also imagine the same story, but for products such as vehicles, medical devices, ships, IoT products, network equipment, etc. Doesn’t it sound like an exciting mission? Bureau Veritas Cybersecurity provides cybersecurity testing, audit, training and certification services covering people, organization, and technology (networks, systems, applications and data). We have offices in Seattle and Boston but are also expanding our team across the globe. That’s why we are looking for a Product Security Consultant. We have reputable clients and they request expertise to increase their level of cybersecurity. You will be responsible for conducting threat modeling, risk assessments and audits. You will also give advice, training, and support in the areas of cybersecurity, and relevant cybersecurity standards. You will collaborate with companies such as industrial manufacturers and asset owners, vehicle manufacturers and system integrators.

Requirements

Several years of experience in the field of cybersecurity, with a specific focus on the cybersecurity of embedded products.
Knowledge of product cybersecurity concepts, with a particular focus on industrial products, but also covering automotive, medical, network, IoT, etc.
Knowledge of various laws and regulations related to cyber and information security, as well as the current developments in this area.
Knowledge and expertise on certifications, mainly IEC 62443
Strong verbal and written communication skills in English.
A results-oriented personality; you know how to engage clients and colleagues.
Availability to travel (international) if needed in order to meet customers.

Nice To Haves

Familiarity with relevant cybersecurity frameworks, certification schemes, and regulations such as NIST, CMMC, Common Criteria, and the EU Cyber Resilience Act (CRA), and the ability to apply them in product security or compliance contexts is a plus.

Responsibilities

Manage and conduct advisory assignments in the field of cybersecurity and compliance, covering areas such as industrial cybersecurity but also automotive, medical/healthcare and IoT.
Guide and conduct evaluations based on recognized control frameworks or specific frameworks used by Bureau Veritas Cybersecurity, such as gap assessments, security maturity assessments, threat modeling and risk assessments.
Assist organizations in implementing ISMS and CSMS in accordance with relevant standards.
Actively contribute to the development of knowledge and services.
Support key clients with coordination across multiple stakeholders (internal experts, certification bodies) helping manage timelines and ensuring deliverables are aligned across projects.
Support key clients in tracking remediation actions and validating that security controls are effectively implemented over time.
If you would like to build a team and to coach junior and mid-level consultants; with our ambition to grow we can make it happen together with you.