Sr. Engineer
Johnson Controls
Pune, Maharashtra, India
2d ago

What you will do

  • Consultingwith product teams on security by design’ principles across the SoftwareDevelopment Lifecycle to assist Security Architects when conducting productspecific security assessments.
  • Performstatic and dynamic code analysis, vulnerability scanning and ethical hackerpenetration testing to detect any potential security design flaws orvulnerabilities.
  • Demonstratingproof of exploit where necessary.
  • Prototypingand testing countermeasures to defend against attacks where necessary.
  • Consultand support product teams in mitigating any discovered security design flaws orvulnerabilities.
  • How you will do it

  • Performthreat analysis such as monitor vulnerability trends across product ranges,track vulnerability remediation and produce reports at various levels ofgranularity to product teams and at executive level.
  • Aidand support in product security incident and response activities.
  • Performforensic analysis of any potential incidents here necessary.
  • Coordinatewith GPS for penetration testing engagements for product teams.
  • Undertakerelevant cyber security training courses and attend conferences for exampleOWASP AppSec, Black Hat, to stay current on latest technologies and evolvingthreats.
  • Required

  • Musthave B.E / B.Tech / M.Tech / MCA in Computer Science or InformationTechnology
  • Musthave a minimum of 8 years engineering level experience. For example, inapplication security, embedded systems security and / or (secure) software developmentis desired.
  • Activesecurity certifications such as OSCP, CISSP, CEH, CSSLP or related is desired.
  • Goodunderstanding of one or more of the following is desired : Linux, programming& scripting languages (such as Java, Python, Perl) and security tools (suchas Kali, Zap, Nessus, Netsparker, openVAS, BurpSuite, Metaspolit and so forth).
  • Abilityto work well under minimal supervision.
  • Requiresstrong interpersonal, organizational, written and verbal communication skills.
  • Preferred

  • Programmers / Fullstack developers whom have a demonstrated passion for cyber security and wantto pursue cyber security as a full time career path.
  • Goodunderstanding of one or more of the following is desired : Linux, programming& scripting languages (such as Java, Python, Perl) and security tools (suchas Kali, Zap, Nessus, Netsparker, openVAS, BurpSuite, Metaspolit and so forth).
  • Mustbe eager to learn a constantly changing field and technology stacks, work in afast-paced environment with tight development schedules, and partner withproduct development teams to guide them in meeting security requirements in away least impactful to their development timelines.
  • Abilityto work with incomplete and ambiguous information to influence system andproduct direction understanding security and functional requirements.
  • Apply
    Add to favorites
    Remove from favorites
    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form