Find your next tech and IT Job or contract NIS2

Strategy & Roadmap You develop and implement a cyber security policy that fits the customer's DNA. You outline clear long-term roadmaps. You translate abstract strategy into tactical action plans and supervise the execution. High-Level Governance You are the sparring partner at C-level and participate in board meetings and risk committees. You set up the security governance (who does what, how do we report?) and ensure cohesion between security, privacy, and business continuity. Risk Management & Compliance You initiate risk analyses (IT, OT, IoT) and make risks understandable for management. You guide customers through the landscape of laws and regulations (such as NIS2) and prepare them for audits and ISO certifications. Management of security incidents & Services In the event of serious incidents, you maintain oversight and calm. You coordinate the crisis communication while our operational teams close the leak. You advise customers on the optimal use of (our) SOC and monitoring services, and other security services. Impact & Communication You increase security awareness within the organisation and present clear reports on risks and maturity. You are the face of security: the central point of contact for all stakeholders. Who are you? You are a bridge builder. You combine in-depth substantive knowledge with the diplomatic skills of a top consultant.

Freelance Product Security Engineer - Contract / Contract-to-Perm Industry: Medical Device / Life Sciences Location: Limerick, Ireland Working model: Hybrid - 2 days minimum per week onsite Contract length: Initial 6 months Rate: Competitive Eligibility: Candidates must already have the right to work in Ireland We are working with a global organisation in the medical device / life sciences industry to recruit a Freelance Product Security Engineer for a long-term contract opportunity based in Limerick. This role is focused on product security, application security, secure SDLC, software security and secure-by-design development within a regulated medical product environment. The successful contractor will work closely with software engineering, product development, quality, regulatory and cybersecurity teams. The work will include security requirements, threat modelling, SAST, DAST, SCA, SBOM review, software composition analysis, vulnerability assessment, exploitability assessment, secure coding and remediation planning. This is not a SOC, SIEM, network security, cloud security or general infrastructure security operations role. Key responsibilities include: Support product security and application security across regulated software-based medical products. Define and support secure SDLC and secure-by-design practices. Partner with software and product engineering teams on security requirements, secure coding and remediation. Lead or support threat modelling and product security risk assessments. Review software/product designs and provide practical application security guidance. Support vulnerability assessment, exploitability assessment, impact assessment and risk review. Work with SAST, DAST, SCA, vulnerability scanning and dependency analysis tools. Support SBOM review, software composition analysis and open-source governance. Contribute to product security documentation within a regulated quality environment. Collaborate with software, systems, quality, regulatory and cybersecurity teams. Required experience: 3+ years' experience in product security, application security, software security, secure software development or security architecture. Strong understanding of secure SDLC, secure-by-design and secure software development principles. Hands-on experience with SAST, DAST and SCA / software composition analysis. Experience with SBOMs, dependency analysis, open-source governance or software supply chain security. Experience assessing vulnerabilities, exploitability, risk, impact and remediation options in application or product environments. Strong cyber fundamentals, including cryptography, CIA triad, threat modelling, authentication, encryption and secure communications. Understanding of secure coding standards and frameworks such as OWASP, NIST or similar. Ability to work directly with engineering teams and provide clear, practical technical guidance. Strong written documentation skills. Experience working in a regulated, quality-managed or safety-critical environment. Nice to have: Experience in medical device, life sciences, regulated software, product security or application security environments. Experience with Windows applications, .NET, SQL Server, Angular, jQuery or similar software environments. Familiarity with FDA, MDR, ISO 13485, IEC 62304, NIS2 or similar regulated frameworks. Security certifications such as CISSP, CSSLP, CEH or similar. This is a strong freelance contract opportunity for someone who wants a hands-on, engineering-facing Product Security Engineer role in the medical device / life sciences industry. Applicants must already have the right to work in Ireland. Please click to find out more about our Key Information Documents. Please note that the documents provided contain generic information. If we are successful in finding you an assignment, you will receive a Key Information Document which will be specific to the vendor set-up you have chosen and your placement. To find out more about Real, please visit Real Staffing, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy | Registered office | 8 Bishopsgate, London, EC2N 4BQ, United Kingdom | Partnership Number | OC387148 England and Wales