Cybersecurity Compliance & Risk Analyst (Hybrid)
Job Description
Job Description
Job Description:
Key Responsibilities:
• Lead cybersecurity and privacy engagements for digital assets throughout the certification
lifecycle.
• Define and implement IT/OT security and data protection requirements with project teams.
• Perform risk assessments, threat modeling, and review penetration test results.
• Drive Secure Development Lifecycle (SDL v2) activities, including vendor assessments and
security reviews.
• Deploy and manage SAST/DAST tools and generate required SDL artifacts.
• Prepare and execute pre-penetration tests for products under SDL v2.
• Act as a cybersecurity SME, advising teams on secure design and implementation.
• Ensure compliance with risk-driven security practices and SDL v2 standards.
• Collaborate on secure architecture requirements with product and marketing teams.
• Support incident response planning and validation.
• Maintain documentation of controls, processes, and compliance evidence.
• Communicate proactively with stakeholders to uphold security posture.
Qualifications:
• Bachelor’s degree in Computer Science, Information Security, or equivalent experience.
General
• Minimum 3 years in cybersecurity roles, preferably in R&D environments.
• Strong knowledge of IEC62443; ISA-IEC62443 Cybersecurity Expert certification required.
• Additional certifications (CSSLP, CISSP) are a plus.
Competences:
• Strong expertise in security management, risk assessment, and mitigation.
• Experience with ICS/OT environments and secure cloud architecture.
• Understanding of security risks across web, mobile, cloud applications, and web services.
• Proficient in designing and implementing secure cloud environments.
• Knowledge of Privacy-by-Design principles and IT security best practices.
• Skilled in vulnerability management processes, tools, and metrics.
• Ability to design secure architectures for APIs, IoT, and connected devices, including
authentication, encryption, PKI, and AI security.
• Proficiency in cryptography, secure architecture, and authentication/authorization mechanisms.
• Familiarity with DevSecOps, OWASP, and threat modeling methodologies.
• Hands-on experience with tools such as Coverity, SonarQube, Black Duck, Microsoft Threat
Modeling, jFrog, Jira, and Confluence.
• Excellent communication skills and ability to influence distributed teams.
• Proven track record in managing multiple projects and collaborating across functions.
• Ability to work independently and take ownership of deliverables.
• Fluency in English; Spanish and French are a plus.
Company DescriptionSelect Source International (SSI) is a distinguished staffing company with nearly 25 years of experience, renowned for delivering top-tier workforce solutions encompassing staffing, recruiting, and managed services. As a proud supplier, we bring a wealth of expertise and best-in-business differentiators to comprehensively support your diverse workforce needs.
Based in Minneapolis, Minnesota, USA, SSI has established itself as a global leader, serving a broad clientele across industries with unwavering dedication and excellence. SSI is ISO 9001, 14001, and Soc2 Type2 certified, underscoring our commitment to quality and security. We have garnered numerous sustainability and supplier diversity awards, further validating our industry-leading capabilities
Company Description
Select Source International (SSI) is a distinguished staffing company with nearly 25 years of experience, renowned for delivering top-tier workforce solutions encompassing staffing, recruiting, and managed services. As a proud supplier, we bring a wealth of expertise and best-in-business differentiators to comprehensively support your diverse workforce needs.\r\n\r\nBased in Minneapolis, Minnesota, USA, SSI has established itself as a global leader, serving a broad clientele across industries with unwavering dedication and excellence. SSI is ISO 9001, 14001, and Soc2 Type2 certified, underscoring our commitment to quality and security. We have garnered numerous sustainability and supplier diversity awards, further validating our industry-leading capabilities