Job
Description
Job Summary: As a Security Software Designer, you will be responsible for designing, developing, and implementing software solutions that protect systems and networks from cyber threats. You will work closely with cross-functional teams to ensure that security is integrated into every phase of the software development lifecycle. Primary responsibilities: 1. Carry security assessment Complying to Wabtec CATO requirements on Embedded Product Using Threat Model, Threat & Risk Analysis and vulnerability analysis. 2. Bring up the Security Architecture and Design as per the Need of the project to mitigate/Remediate the threats and Get final Cybersecurity approval for Release. 3. Design and Develop the Secure Embedded software applications 4. Analyze and propose mitigation for Security scan results - SAST,DAST,SCA and FST requirements. 5. Collaborate with Development team of Different Product lines to propose and integrate the secure Practices in product design lifecycle Qualification / Requirement: Bachelors/Masters degree in CS/E&C/IS with Overall Working experience of 8+ Years in Embedded System with Cybersecurity Proven experience in Secure software design development with security practices. Strong understanding of security protocols, cryptography, and secure coding techniques. Excellent problem-solving skills and attention to detail. Essential Requirements: Very strong technical knowledge on Secure Embedded system Design and Implementation in Bear Metal & Embedded Linux Secure Boot, Serial, USB, Ethernet and IoT Hands experience with Programming Language C, C++ and Python Secure Design Patterns & Principles, Standards IEC62443, NIST 800 Standard OWSAP, CWE Working experience with Network Protocols, network Infrastructure and services in Embedded Linux Firewalls, Router, Switches, VPN, HTTP, SH,SFTP,FTP,TFTP,SNMP,DHCP,MQTT,MQTTS,NTP etc Cryptographic Concept - Storage of passwords, accounts, keys, Certificates use, Crypto Key Management, Key Generation and Key Usage Desired Requirements : Sound Knowledge on the Network Security Protocols HTTPS, SSL,TLS Authentication and Authorization Gitlab Repository and Pipeline Concept Design and Development experience in FPGA, PLC, Cloud and IOT based secure systems Study and Propose best Security design Solution to meet the project needs Understand and Comply to customer proposed security Requirements and Standards Risk Assessment Security Scan tools Knowledge Polaris, Blackduck etc Ability to perceive the system knowledge and Analyse the Threat Surface and Vector of threat Proficient enough to Propose and Conceptualize the Security solution based on the Technology domain Work Model: Hybrid (3 Days a week), May change from time to time based on the Organization policies Travel: Domestic/International- Minimal Based on project need Physical Requirement: Shall be able to be work on hybrid model at Bengaluru facility and collaborate with team members Efficient enough to work long hours on Laptop/System as required by project needs.
