Itron is innovating new ways for utilities and cities to manage energy and water. We create a more resourceful world to protect essential resources for today and tomorrow. Join us. Itron is looking for an experienced Principal Product Security Engineer. This person will engage with R&D and project teams and contribute to the adoption of security engineering rules to the design, testing and deployment of Itron solutions encompassing meteringIoT devices, network components, communications infrastructure, and application software. This individual will work closely with R&D in defining current and next generation product security architecture, capturing threat models, assessing attack surfaces, organizing security designs and providing general security consultation to the development organization. Duties and Responsibilities: Reviewing product security architecture during the design phase, providing guidance in maintaining the delivery of world class secure solutions to our customers. Providing input and feedback for network protocol specifications, Industry Standards Leadership direction, and system and component design details. Developing threat models for Itron products. Working with Product Management to respond to RFP/RFIs, to answer security questions from customers, and to establish security requirements for existing and new products. Maintaining a working knowledge of the threat landscape and working with R&D to apply necessary mitigations. Recommending and driving secure development and test practices into our product development organizations. Required Skills & Experience Required 6+ years related experience Experience working in complex systems, involving software applications, public & private cloud deployments, networking, and information security. Pragmatic approach and experience with the creation of architectural and design documentation (block diagrams, sequence diagrams, process flows, interface definitions) Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, and applied cryptography Experience with the application of threat modeling, SDLC methods or other risk identification and mitigation techniques Experience in protocol selection, documentation, and refining with R&D implementation teams. Experience working in R&D and possessing a deep understanding of the tradeoffs of component-level decisions (the candidate has done software or firmware or networking development). Understanding of industry standard cryptographic algorithms, modes of operations, and secure protocols Experience with the configuration, operation, and management of firewalls, VPN, SSH, PKI, and vulnerability scanners/assessment tools. Extensive experience in web-application security, service-oriented architecture and web services security. Experience with Smart City (IoT) and/or Automated Metering Infrastructure (AMI) is preferred. Understanding of Standards (FIPS, NIST PUB) & best practices (SANS, OWASP) related to security and security certification frameworks (Common Criteria, SESIP, PSA ...) Awareness of the evolving security industry, new attack and defense methods, new product and component vulnerabilities, and industry best practices. Excellent written and verbal communication skills. Excellent leadership skills and teamwork skills. Results oriented, high energy, self-motivated. A successful candidate for this position must be highly motivated and capable of learning new material on his or her own whenever needed. Preferred Skills & Experience Certifications such as CISSP, CompTIA Security+, GSEC, or GCIH certifications are preferred. Education: Bachelor's degree or equivalent experience in Compute