11 days old

Senior Cyber Security Engineer - Tools

Honeywell
Atlanta, GA 30303

Innovate to solve the world's most important challenges
Honeywell is charging into the Industrial IoT revolution with the establishment of Honeywell Connected Enterprise (HCE), building on our heritage of invention and deep, on-the-ground industry expertise. HCE is the leading industrial disruptor, building and connecting software solutions to streamline and centralize the assets, people and processes that help our customers make smarter, more accurate business decisions. Moving at the speed of software, we are creating, innovating and delivering solutions fast, challenging the way things have always been done, piloting new ways for all of us to work, and expecting our successes to set new standards for our customers and for Honeywell.

Are you a cyber professional who desires to make a difference in the everyday security of people?  Someone who wants to drive real improvements into real products in an environment with strong organizational support for product security?
 
As a key member of our growing product security team, you'll leverage your proven experience and...
  • Drive product security process activities to incorporate effective security for all software and firmware development in HCE 
  • Help select, develop, deploy, and maintain cyber security services across the enterprise supporting over 1,000 projects and 10,000 developers
  • Develop HCE design patterns and standards for product security beginning with component selection and continuing through layout, testing, and processor configuration
  • Lead efforts with the security teams to ensure they are getting effective, affordable, and understandable methods to properly design and develop our products
  • Partner with the development teams to enable them to integrate the standards into their continuous delivery processes
  • Provide product security related coaching/mentoring and security expertise for all software and firmware development teams in HCE
  • Participate in select, high profile penetration testing projects with executive report outs
    YOU MUST HAVE
    • Bachelors degree
    • 4 years of cyber security engineering experience
      WE VALUE
      • Passion for working with development teams to make more secure, harder to defeat products
      • Familiarity with most of the following with subject matter expertise in at least two:
        • DevSecOps
        • Protocol Analysis and Exploitation
        • Linux
        • Python
        • Java / Groovy
        • Jenkins / Bamboo
        • JTAG
        • I2C
        • Ghidra or IDA Pro
        • Secure ARM A9 / M4 / M43 Microprocessor Configuration
        • ARM TrustZone / TPM or similar devices
        • Printed Circuit Board Layout for Security
        • Software Defined Radios (SDR)
        • FreeRTOS
        • C / C++
        • REST API
          • Open Source Software development and project contributions
          • Penetration testing experience, especially if focused in the device space
          • Extensive knowledge of ARM-based microcontrollers and how to attack / defend devices based on them
          • Experience designing or exploiting hardware-level security features such as Secure Boot, Encrypted Storage, or communication protocols
          • Strong knowledge of python-based development
          • Public speaking at security conferences, especially those focused on reverse engineering
          • Deep understanding of reverse engineering
          • Familiarity with secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response
          • Understanding of security by design principles and architecture level security concepts
          • Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
          • Good communication and leadership skills
          • Good interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders
          • Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP 
          • Understanding of Agile software development practices

            Additional Information
            • JOB ID: HRD88130
            • Category: Engineering
            • Location: 715 Peachtree Street, N.E.,Atlanta,Georgia,30308,United States
            • Exempt
            • Due to US export control laws, must be a US citizen, permanent resident or have protected status.