Sr Advanced Cyb Sec Archt/Engr

Driving Infinite Possibilities Within A Diversified, Global Organization

Cyber Security Engineer IV

The Cyber Security Engineer IV reports to the Product Security Assurance Leader and will be responsible for assessing and evaluating the security posture of a variety of Honeywell Products and partner technologies.This role will be responsible for security services delivery, which may include use of hardware/firmware/application/network/Mobile/Cloud security toolsets, detection of security defects, and remediation consultation of those weaknesses.Our services support the identification of potential attack techniques and serve as the foundation for continuously improving the product development lifecycle.

Responsibilities

·Individual Contributor with Product Security Assurance Team, with minor team leadership accountabilities

·Provide mentorship, expertise and direction to junior team members

·Assist with onboarding internal team training

·Champion strategic Product Security initiatives

·Oversee and ensure client deliverables are on time, requirements are met

·Proactively anticipate escalations

·Lead initiatives to engineer better solutions

·Develop methodologies, determine scoping requirements

·Deliver Security Testing across all of Honeywell

·Assist in the development of modular, repeatable, effective Security Testing processes

·Partner with Tools and Technology Team to select, implement, develop, and automate testing with appropriate tools.

·Work with cross functional teams to develop remediation suggestions

·Report observations using our standardized reporting structure

·The engineer may frequently lift and/or move up to 25 pounds

Basic Qualifications

·Bachelor’s degree in computer science or software engineering, electrical engineering or equivalent experience

·7+ years of Cyber Security or Information Technology experience

·1+ years project management skills

Experience in pentesting – Web, Network, Embedded security ( Hardware and Firmware) , Protocol fuzzing, Mobile App, Thick Client,API, Web services, Cloud
Fuzzing various Industrial protocols like Modbus (TCP and RTU), BACnet, DNP3 and IT protocols like FTP, Telnet, SSH, HTTP(s), SNMP v1/2/3, NTP, RADIUS, MQTT, DNS.
Understanding of application protocols, development, and common attack vectors.
Good cybersecurity capabilities and strong software engineering skills
Experience with pentest tools and frameworks such as:  Burp Suite, IDA Pro, GHidra, Kali, OWASP, Metasploit, Nessus, Nmap, MObSF, Genymotion, Frida, APK Tool
Scripting experience in Python, Powershell and Bash preferred.
Experience working with other languages such as C, C++, Java, .NET or javascript.
Excellent understanding of security by design principles and architecture level security concepts
Experience and knowledge of penetration testing methodologies and tools
Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
Effective oral and written communication skills
Good interpersonal skills
Experience in security testing within the appropriate domain
Demonstrated project management skills. 
Relevant Security certifications: CEH, OSCP, GPEN
Public speaking at Technical Conferences
Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques
Experience in integrating pentest Additional Information

• JOB ID: HRD243649
• Category: Engineering
• Relocation Tier: Not Applicable
• Security Clearance:
• Aviation Authority (FAA for US):
• Band: 03
• Referral Bonus: 210000
• Requisition Type: Standard Requisition
• US Citizenship:
• FLSA Statement:
• FLSA CODE: Exempt