IT Security Design Assurance / Security Architect (f/m/d)

WHO WE ARE

As a 100% subsidiary of Porsche AG, we at Porsche Digital are dedicated to developing innovative visions, strategies, products, business models, and inspiring customer experiences that redefine the Porsche brand in the digital age. Our mission involves not just creating strategies but also pioneering forward-thinking solutions and concepts. Porsche Digital operates

THE JOB

This is a rare and exciting opportunity for an experienced cyber security professional to join the local cyber security team of Porsche in Tel Aviv. You will be part of the IT Security Design Assurance Team auditing security concepts with the goal of proactively identifying risks and attack vectors in the complex IT landscape of Porsche.

What you will do

Operation and development of the central Information Security Management System (ISMS) with regard to the identification of and compliance with required security measures during the development and operation of IT systems. This includes, not limited to:

Verifying the classification of business data and performing Business Impact Analyses
Deriving relevant assets to be protected
Deriving appropriate security requirements for assessed IT projects
Tracking the fulfillment of security conditions for IT projects

Audit and approve complex written security concepts of future IT projects with regard to technical and organizational measures

Derive security risks from unsatisfiable security requirements in assessed security concepts and their implementations

Perform System Security Check (SSC)

What you bring along

3-5 years of experience with information security (security researcher, security engineer, security architect)

Agile skills and experience, team-oriented working attitude

Bachelor’s Degree / Master’s Degree in Computer Science or Information Security hands-on experiences

Excellent written and verbal communication skills in English and Hebrew, German language skills are an advantage

Strong analytical and structured power of comprehension, ability to assess the fulfillment of given security requirements from written security concepts only

Deep technical knowledge in the field of information security management (ISMS), as well as distinctive knowledge of methods and processes of ISMS standards and practices such as ISO/IEC 2700x, NIST SP 800 or NIST CSF

Knowledge of past, current, and emerging security exploit types

Knowledge of OWASP Top 10, CWE/SANS Top 25, WASC are a plus

Good understanding of the full IT stack (infrastructure, middleware, application) and respective technical security measures

WHAT COMES NEXT

If you've made it this far, don't keep us waiting. Get started - apply directly!

In the meantime: Check out our Porsche Digital Website to get an impression of what our hearts beat for: https://www.porsche.digital

We are looking forward to every unique application that reaches us. Because diversity is just as important as the energy that flows through our veins.