What You’ll Do
The Cybersecurity Engineer will be part of a global team of security experts driving ‘Security by Design’ philosophy in Eaton product, solutions & services."Engineer - Cybersecurity will be part of a global team of Cybersecurity experts driving ‘Security by Design’ philosophy in Eaton product and solutions.
He/she Will Be Responsible For
- Performing Vulnerability Assessment & Penetration Testing on existing and upcoming Eaton products, solutions & services spanning a wide range of technologies including IoT devices, systems & solutions, web applications, mobile applications, thick clients, wireless devices, embedded systems deployed across Eaton electrical sector businesses.
- Support the Threat Modeling and Risk Assessment exercises with product teams early in the design and development phase to identify applicable cybersecurity requirements across a variety of Mobility related products, systems & solutions.
- Support the certification OR compliance of Eaton products under schemes like UL2900, IEC62443 and other emerging standards.
- Building tools, scripts and automation frameworks around security to achieve Eaton-scale impact.
- Evangelizing and providing technical security trainings to software developers and test engineers across the organization and evangelizing the importance of cybersecurity in other functions like sales, services and product & project management.
- Monitoring evolving threat landscape, cybersecurity technologies, standards, frameworks and drive continuous improvement in Eaton’s cybersecurity requirements, frameworks and processes.
- Support Cybersecurity Project management & OpEX processes to help drive efficiencies, optimizations & continuous improvements in CCoE's various processes & engagements"
Qualifications
Bachelor’s or master’s degree in Computer Science, Electronics Engineering, Electrical Engineering.1-2 years of relevant experience in Product cybersecurity. (one-year could be waived in-lieu of a Masters Degree)
Skills
"The engineer should be -
- Able to work independently on these product certifications with minimal guidance.
- Able to perform cybersecurity testing required for Eaton products with minimal guidance.
- Able to produce detailed product assessment reports with descriptions, mitigations etc, for product teams.
- 7) Able to understand technical cybersecurity concepts in depth and be able to apply those concepts to Eaton products for cybersecurity testing.
- Able to support Threat Modeling and Risk Assessment for Eaton products
- Having hands-on experience in various Cybersecurity activities including but not limited to - Cybersecurity assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; secure coding; preferably on embedded, ICS and IoT products.
- Having hands on expertise with cybersecurity tools like Nessus, Black Duck, Defensics, Nessus, Burpsuite, Coverity, Kali Linux etc.
- Having Good understanding of security protocols (HTTPS, HSTS, TLS, SSH, 802.11 security, Bluetooth, Zigbee) and ICS protocols (IEC 61850, DNP3, Modbus, WirelessHART, CAN)
- Having knowledge of attacks and mitigation in : Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application and browser security.
- Having certifications like CEH, OSCP is a plus."
"1) Ability to work in and with diverse & multi-cultural and geographically dispersed teams
- Ability to collaborate across multi-disciplinary teams (Development Teams, product management, project management)
- Ability to present to various levels of engineering and business leadership globally."
