7 days old

Lead Cyber Security Engineer - Tools

Honeywell
Atlanta, GA 30303

Innovate to solve the world's most important challenges
Are you a cyber professional who desires to make a difference in the everyday security of people?  Someone who wants to drive real improvements into real products in an environment with strong organizational support for product security?
 
Honeywell is a Fortune 100 company with global sales surpassing $40B and has been one of Fortune€™s Most Admired Companies for over a decade. Through innovation the company brings together the physical and digital world to tackle some of the toughest societal and business problems €“ making the world a more productive, safe and sustainable place.  The business is organized into five primary groups: Aerospace; Building Technologies; Performance Materials and Technologies; Safety and Productivity Solutions; and the Connected Enterprise
 
Honeywell Connected Enterprise (HCE) is a global leader for products and technologies that are installed in more than 10 million buildings, aircraft, and facilities worldwide.  Honeywell is a pioneer in the Internet of Things, developing the next generation of connected offerings.  The Lead Security Engineer reports to the Global Product Security Tools and Technology Leader and will be responsible to provide hardware selection, configuration, design, and process improvements within our products; and to provide mentoring and guidance to other team members.
 
As a key member of our growing product security team, you'll leverage your proven experience and...
  • Drive product security process activities to incorporate effective security for all software and firmware development in HCE 
  • Lead teams to select, develop, deploy, and maintain cyber security services across the enterprise supporting over 1,000 projects and 10,000 developers
  • Develop HCE design patterns and standards for product security beginning with component selection and continuing through layout, testing, and processor configuration
  • Lead efforts with the security teams to ensure they are getting effective, affordable, and understandable methods to properly design and develop our products
  • Partner with the development teams to enable them to integrate the standards into their continuous delivery processes
  • Provide product security related coaching/mentoring and security expertise for all software and firmware development teams in HCE
  • Participate in select, high profile penetration testing projects with executive report outs
    YOU MUST HAVE
    • Bachelors degree
    • 7 years of cyber security engineering experience
      WE VALUE
      • Passion for working with development teams to make more secure, harder to defeat products
      • Familiarity with most of the following with subject matter expertise in at least three:
        • Jenkins / Bamboo
        • Public Key Infrastructure Design, Implementation, and Deployment
        • DevSecOps
        • Linux for ARM
        • Python
        • Java / Groovy
        • Ghidra  / IDA Pro
        • Secure ARM A9 / M4 / M43 Microprocessor Configuration
        • ARM TrustZone / TPM or similar devices
        • Printed Circuit Board Layout for Security
        • Protocol Analysis and Exploitation
        • Software Defined Radios
        • FreeRTOS
        • C / C++
        • REST API
        • Open Source Software development and project contributions
        • Penetration testing experience, especially if focused in the device space
        • Extensive knowledge of ARM-based microcontrollers and how to attack / defend devices based on them
        • Experience designing or exploiting hardware-level security features such as Secure Boot, Encrypted Storage, or communication protocols
        • Professional software engineering experience in Java, Groovy, or C.
        • Strong knowledge of python-based development
        • Public speaking at security conferences, especially those focused on reverse engineering
        • Deep understanding of reverse engineering
        • Familiarity with secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response
        • Understanding of security by design principles and architecture level security concepts
        • Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
        • Good communication and leadership skills
        • Demonstrated proficiency in public speaking specifically at security conferences
        • Good interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders
        • Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP 
        • Understanding of Agile software development practices

          Additional Information
          • JOB ID: HRD88129
          • Category: Engineering
          • Location: 715 Peachtree Street, N.E.,Atlanta,Georgia,30308,United States
          • Exempt
          • Due to US export control laws, must be a US citizen, permanent resident or have protected status.