23 Iec 62443 Jobs

Cyber Security Specialist Experience- 4 to 7 years. Location- Pune Qualification- Bachelor of Engineering/Technology - BE/BTech Electronics/Masters in Electronics/Electronics & Telecommunication Engineering Job Description: Awareness of Cybersecurity Standards IEC 62443 standard (4-1 and 4-2) Develop and implement Test framework/environment for Cybersecurity Penetration and Vulnerability tests for various KB Products Verification & Validation of Network and System security vulnerabilities Understanding of Safety threat and risk analysis, participation in the change management process. Understanding of Cybersecurity threat and risk analysis and security issues in electronic product/system/architecture Proficiency in scripting and programming language (Python, Embedded C/C++ etc.) Strong attention to detail with an analytical mind and outstanding problem-solving skills. Great awareness of cybersecurity trends and hacking techniques. Daily administrative tasks, reporting, and communication with the relevant departments in the organization. Excellent written, oral Communication skills Focal point of contact for all Cybersecurity related topics in KB TCI organization Enhance awareness about Cybersecurity practices amongst cross functional developers Certification in cyber security (any) will be an added advantage. Skills: Cybersecurity Penetration Tools, Risk Assessment Methodologies, IACS Cybersecurity Standards like IEC 62443,TS50701,Safety Standards Knowledge(MISRA 2012,Automotive),

Rockwell Automation is a global technology leader focused on helping the world's manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility -our people are energized problem solvers that take pride in how thework we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that's you we would love to have you join us! Job Description Job Summary: Deliver and execute the assigned project / work package on time with good quality, cost effectiveness and customer satisfaction. Ensure technical deliverables matches project / work package requirements. Save engineering cost for GEBS team through application and technical expertise. Ensure site activities are completed as desired by customer and in specified time frame. You will report to the Execution Manager. Your Responsibilities: Conduct risk assessments for OT systems (e.g., SCADA, PLCs, and DCS). Develop and implement OT-specific GRC frameworks. Ensure compliance with standards like IEC 62443, NIST CSF, and ISO 27001. Creating Business Continuity, Incident Response, Disaster Recovery plans and procedures. Collaborate with cybersecurity teams to align OT and IT governance. Advise on regulatory requirements (NERC CIP, GDPR, local safety laws). Support audits and incident response planning for OT environments. Deliver training and awareness programmes for OT personnel. Understand routing and segmentation concepts like VLANs. Technical knowledge of firewalls, IDS and similar. Technical knowledge of OT technologies, networking, and protocols. Have a good understanding of an OT environment (common OT areas, personnel involved, OT constraints). Being able to explore the customer main systems under consideration. Understand basic OT flows : client-server, user operativity, user permissions. Basic knowledge about different OT vendors (Siemens, ABB, Schnieder, Mitsubishi. Understand a network diagram being able to identify the different assets and understand, on a high level, how are they connected. Identify network equipment being able to identify a switch, wireless Access Points, routers, net diodes, and firewalls. Identify and trace physically connected assets and documenting them in a network topology. Extract switches configuration and capture traffic. Understand general system configurations like O.S group policy, VMs, update mechanism. Being able to identify potential vulnerabilities and threats . Being able to identify current installed countermeasures/controls including, monitoring, end points security solutions, hardening measures (antivirus/EDR, GPO). Need to create ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. The Essentials - You Will Have: Bachelor's degree in electrical engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree. 8+ years of experience in Manufacturing Control Systems, Network Engineering, and Industrial Security Controls. Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. 8+ years of hands-on experience creating ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. Previous experience working as part of a large, multi-disciplinary global team completing full project life-cycle implementations. Travel Requirements. Flexibility for travel 20% - 30% is required and can include both domestic and international trips. Legal authorization to work in the country of residence is required. Recognized Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. The Preferred - You Might Also Have: Master's Degree in Cybersecurity. Configuring IT/OT network infrastructure equipment (Cisco Switches, Virtual Server Environments, Cisco ASA). Experience with AV, EDR or NAC. Experience with monitoring, analyzing, and understanding log sources for threat hunting. Knowledge of common system exploits, network attacks, phishing techniques, and malware. What We Offer: Our benefits package includes Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme - Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. ... and other local benefits! #LI-Hybrid #LI-RS1 Rockwell Automation's hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

Join Us as a Cybersecurity Architect! Are you ready to make a significant impact in an innovative environment At ORBCOMM, were on the hunt for a passionate Cyber Security Architect who thrives in a fast-paced, agile setting. We want you to transform your ideas into action and drive our mission forward! As a key member of our cybersecurity team, youll collaborate closely with engineering and corporate IT functions, lead risk assessments, and ensure our products comply with global security standards. Your work will directly impact ORBCOMMs mission to deliver secure, scalable, and innovative IoT solutions worldwide. Why Youll Love Working Here As a Cyber Security Architect, you will focus on supporting our engineering teams with driving security by design principles into our product development lifecycle. You will also be responsible for leading security risk assessments and assisting teams with formulating remediation plans for discovered vulnerabilities. In this pivotal role you ensure that our products are secure by design and remain resilient against evolving cybersecurity threats. With a flexible hybrid work schedule, you can enjoy the best of both worldscollaborating onsite at our Hyderabad office while also benefiting from the flexibility of remote work. What Youll Do Lead security risk assessments and vulnerability analyses for SaaS platforms, IoT devices, and embedded software/firmware. Design and implement product-level security controls and countermeasures to defend against evolving cyber threats. Support security incident response and remediation efforts across the product landscape. Collaborate with engineering teams to integrate cybersecurity best practices throughout the product design and development lifecycle. Work with cross-functional teams to ensure product compliance with ORBCOMMs corporate security and IT policies. Drive alignment with industry cybersecurity standards and support compliance certifications such as SOC2, ISA/IEC 62443, etc. Partner with the Data Privacy Officer to ensure product alignment with privacy standards and policies. Monitor and stay informed of emerging cybersecurity technologies, threats, and trends within the IoT domain. Who You Are You are a security-focused technical leader with deep experience in embedded systems or cloud platforms, especially if you have: Bachelors or Masters degree in Engineering, Computer Science, Cybersecurity, or a related field. ISC2 Certified Secure Software Lifecycle Professional (CSSLP) certification is required. Demonstrated experience in embedded hardware/software development; experience in IoT systems is a strong plus. Familiarity with cloud platform security (AWS, OCI, or equivalent). Proficiency in industry standards such as ISA/IEC 62443, SOC2 Type I/II, or similar frameworks. Strong understanding of encryption protocols, authentication mechanisms, and modern security tools. Knowledge of industrial cybersecurity frameworks and secure product development best practices. Clear and effective communicator, comfortable interfacing with both technical and business stakeholders. Excellent problem-solving, risk assessment, and analytical skills.. Then we want to meet you! About Us At ORBCOMM, were pioneers in IoT technology, that drives innovation and empowers our clients to make data-driven decisions. Our industry-leading solutions enable customers to boost productivity, streamline operations and increase their bottom line. With over 30 years of experience and the most comprehensive solution portfolio in the industry, we enable the management of millions of assets worldwide across diverse sectors including transportation, heavy industries, satellite, and maritime. Discover how ORBCOMM is transforming industries and unlocking the potential of data to drive meaningful change by visiting us at www.orbcomm.com ! Ready to Join Us We believe that our people are our greatest asset. Your skills and passion can help us achieve remarkable things! If youre seeking a thrilling career opportunity in a vibrant, growth-oriented environment, ORBCOMM is the perfect fit for you. We are committed to building a diverse and inclusive workplace and appreciate all applicants for their interest in joining our team. Only candidates selected for an interview will be contacted. At ORBCOMM, we are also dedicated to ensuring accessibility and are pleased to offer accommodations for individuals with disabilities upon request throughout all aspects of the selection process. Show more Show less

Position: OT Cyber Security Engineer Job Location: Mumbai Skill Set: IEC 62443, NIST 800, NIST CSF, Control System Certification: GICSP or CISSP Experience: 10 to 15 Years Job Description: Carry out OT Cyber Security Engineering with strong networking hands-on skills. Draft Security Network Architecture as per Project / Best Practice Develop Network and Cybersecurity Device Configuration sheet Configure Network Simulation Labs to prove network design before implementation on actual devices. Identify potential network & cybersecurity problems and suggest resolutions. Study Networking and cybersecurity requirements in ITB during proposal, project Execution. Develop Network and Cybersecurity related FEED/DD (detail design) documents during proposal, project Execution. Coordinate with MAC vendor & Industrial Control System Vendors Participate in Design Freeze, FAT, SAT. Support for Network and cyber security issues at project sites Must be comfortable to Visit outside of India also if required. Education: Full time Bachelors degree in Instrumentation & Control / Electronic & Instrumentation Engineering / Telecommunication / Information Security from NIT or equivalent college

Responsibilities Align OT Cyber risk with Enterprise and organization risk. Demonstrate comprehensive knowledge of OT systems, networks, and software. Exhibit a thorough understanding of OT cyber security principles, threats, and best practices. Successfully conduct comprehensive security risk assessments to evaluate and improve the organizations security posture. Qualifications Minimum Mandatory: Degree or equivalent in an IT or similar discipline from an institute recognized by UGC / AICTE. Certifications: ICS/SCADA Essential, IEC 62443 , GICSP, GCIP, GRID Experience Essential: 5 - 10 years of work experience in cyber security with exposure to OT/ IT. Show more Show less

Job Description Role Profile: The Cyber and IT Audit Manager will oversee IT and cybersecurity audits, managing a team of auditors to assess IT processes and Operational Technology (OT) environments. The manager will ensure audits are aligned with the companys strategic objectives and regulatory requirements, with a focus on delivering value and identifying critical risks in IT and cybersecurity. This role includes responsibility for overseeing security assessments and implementing audit methodologies that support continuous improvement. Responsibilities ' Manage and execute a portfolio of IT and cybersecurity audits, focusing on complex audits related to IT general controls, cybersecurity frameworks, and OT environments. Oversee medium complexity security assessments for IT and OT systems, ensuring comprehensive audit coverage. Collaborate with the CAE, IT audit Director and IT stakeholders to build an audit pipeline, addressing emerging risks and identifying areas for process improvement. Lead the development of audit programs and methodologies, ensuring alignment with industry best practices and regulatory frameworks (e.g., NIST, COBIT, IEC 62443). Manage audit staff, providing guidance and ensuring adherence to professional standards (IIA, ITGC). Present audit findings to senior management, communicating risks, recommendations, and opportunities for improvement. Qualifications ' 7+ years of experience in IT auditing, cybersecurity, and OT systems. Proven experience managing audits and teams, with a focus on IT governance, cybersecurity, and risk management. Expertise with security assessment tools (e.g., Nmap, Nessus, Kali Linux, Metasploit, Burp Suite) and audit methodologies for IT and OT systems. Strong understanding of industry frameworks (NIST, COBIT, ISO 27001, MITRE ATT&CK) and IEC 62443 for OT environments. OT knowledge and experience is highly desirable. Certifications such as CISSP, CISA, CISM, OSCP, OSWP, CRTP, CEH, HTB CPTS, HTB CBBH, HTB CWEE are preferred. Bachelors or Masters degree in Information Technology, Cybersecurity, or related disciplines. Strong leadership, project management, and communication skills, with the ability to influence stakeholders at all levels. At Nextracker, we are leading in the energy transition, providing the most comprehensive portfolio of intelligent solar tracker and software solutions for solar power plants, as well as strategic services to capture the full value of solar power plants for our customers. Our talented worldwide teams are transforming PV plant performance every day with smart technology, data monitoring and analysis services. For us at Nextracker, sustainability is not just a word. It&aposs a core part of our business, values and our operations. Our sustainability efforts are based on five cornerstones: People, Community, Environment, Innovation, and Integrity. We are creative, collaborative and passionate problem-solvers from diverse backgrounds, driven by our shared mission to provide smart solar and software solutions for our customers and to mitigate climate change for future generations. Culture is our Passion Show more Show less

Role & responsibilities Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 14+ years of product cyber security engineering and software systems development experience; at least 2 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment

Title: OT Operation and Security Consultant Job Title: Senior Consultant/ Assistant Manager OT (Operational Technology) Security & Consulting Location: Anywhere in India (Any Protiviti office) Travel: Up to 70% travel to the Middle East (UAE, KSA, Oman, Qatar, Kuwait, Bahrain etc.) Experience: 8+ Years Preferred Certificate: ISA/IEC 62443 Certification (any level), CISA, CRISC, CEH Employment Type: Full-time | Auditing & Consulting | Client-facing Position Summary: We are looking for a highly skilled Senior Consultant/ Assistant Manager OT Security & Consulting to join our Audit and Risk Advisory practice. The role requires hands-on experience in Operational Technology (OT) environments, focusing on Operational aspects, security assessments, governance reviews, and regulatory compliance audits for critical infrastructure. This role will be based in India, with frequent travel to client sites across the Middle East (up to 70%). The ideal candidate will bring deep domain knowledge in OT/ICS cybersecurity, solid audit experience, and the ability to work across industrial sectors including Oil & Gas, Utilities, Aviation, and Telecom. Key Responsibilities: OT Security Assessments Perform security audits of OT environments, including SCADA, PLC, DCS systems, and IIoT integrations. Review OT-specific policies and procedures for access management, configuration baselines, and asset inventories. Assess implementation of network segmentation, firewalls, and endpoint protection mechanisms in OT infrastructure. Evaluate OT vulnerability management, patching practices, and secure configurations. Assess backup & disaster recovery mechanisms for OT systems with focus on RTO/RPO alignment. Conduct OT-specific incident response readiness reviews, including logging, alerting, and simulation exercises. Review logging and monitoring practices using SIEM or similar tools for OT systems. OT Governance & Strategic Alignment Review OT strategy documents and validate alignment with business objectives and regional regulations (e.g., GACAR, ICAO). Evaluate OT governance structures including roles, responsibilities, and oversight mechanisms. Assess integration of cybersecurity risk into strategic planning. Review OT-related stakeholder engagement and communication mechanisms. Regulatory & Compliance Perform compliance assessments against global and regional standards: IEC 62443, NIST 800-82, NCA ECC, ISO 27019, GACAR, ICAO. Develop detailed audit reports, control gap analyses, and risk treatment recommendations. Support development of risk and control matrices (RCMs) and minimum baseline security standards. Experience: Minimum of 8+ years in OT/ICS cybersecurity, consulting, or auditing roles. Strong hands-on exposure to OT protocols (Modbus, DNP3, OPC, etc.), SCADA/DCS/PLC systems. Experience with risk assessment, control testing, and policy development in industrial environments. Prior consulting experience in sectors such as Energy, Utilities, Oil & Gas, Aviation, or Manufacturing is highly preferred. Certifications (Mandatory: One or more recent): GICSP – GIAC Global Industrial Cyber Security Professional ISA/IEC 62443 Certification (any level) CISM or CISSP (preferred) CISA – Certified Information Systems Auditor (audit-focused candidates) ISO 27001:2022 Lead Auditor CRISC – Certified in Risk and Information Systems Control (desirable) Interested candidates can directly share their updated resumes at kirti.goyal@protivitiglobal.in

Cybersec Security Advisor Job description: Are you passionate about tackling complex data problems? Do you thrive on using your analytical and cybersecurity skills to solve large-scale challenges? Are you intrigued by the intersection of complex business processes and data-driven approaches? If so, we'd love to hear from you! At Schneider Electric, we are undergoing a transformative journey by leveraging Artificial Intelligence & Automation technologies to empower users with Machine Learning and Cognitive computing, driving business value. Simultaneously, as the number of cybersecurity threats continues to grow, we recognize the importance of having a comprehensive cybersecurity approach across our solutions to safeguard our business and customers. We seek a cybersecurity professional to join our AI Digital Risk Leader & Data Officer team to drive the implementation of Secure development process in our AI organization. To ensure a cohesive cybersecurity strategy implemented throughout our AI HUB, you will collaborate closely with AI Cybersecurity teams but also Autonomous spokes team in NAM and GSC. The role The Security Advisor is responsible for the adoption and implementation of the SDL framework following the Schneider Electric SDL V2 process and in compliance to the SE SDL Policy and other cybersecurity policies, procedures, and best practices, and to advise on cybersecurity technical requirements for the development of secure products and systems. The Security Advisor regularly interacts with key stakeholders (including representatives from marketing, R&D offer development, technical leaders, and leadership team members) as well as stakeholders from the Business Unit Security Team and the corporate Product Security Office (PSO) to ensure that cybersecurity guidelines and processes are executed in an efficient and effective manner. Key Responsibilities for the Role • Act as Subject Matter Expert, serve as a consultant and advisor for cybersecurity topics within AI development teams. Provide guidance, coaching and expertise to execute SDL practices such as threat modelling, secure design practices, secure coding and implementation, and security testing. • Gather SDL and Cybersecurity metrics to contribute to data driven strategies and plans to aid in the deployment of SDL and cybersecurity functionality as required by cybersecurity standards such as IEC62443, and to further improve SDL and Cybersecurity effectiveness and efficiency. • Ensure that their assigned development teams abide with risk-driven cybersecurity processes and controls. • Support development teams to manage vulnerability triage and resolution • Support internal SDL audits and Formal Cybersecurity Reviews (FCSRs) and other supported Schneider data security and privacy processes. • Conduct training and presentations to build cybersecurity competencies within teams. • Track organizational maturity using cybersecurity maturity frameworks and track other SDL-related goals as directed. Qualifications - External Key skills and requirements • Ability to align operational/information security policies with business requirements. • Process driven with attention to detail, ability to translate operational/information security requirements into security controls in coordination with architects. • Ability to effectively adapt to and apply rapidly changing technology and security requirements to business needs. • Knowledge of static code analysis tools, secure coding standards, fuzz and penetration testing, and formal security reviews. • Working knowledge of security and privacy standards, regulations, and legislation. • Demonstrated ability to develop threat models, analysing threats, and rate threat severity using established industry practices • Experience with AI and ML technologies and services (Machine Learning, Conversational AI, Computer Vision, No Code / Low Code AI) Qualifications & Experience • Customer-oriented with a service-oriented attitude (flexible, personable, and approachable) • Certification in Cybersecurity Management such as CISSP, CSSLP; and/or IEC 62443 Certified Specialist. • Experience of working in an Engineering/R&D group following a Secure Development Lifecycle based on standards such as IEC 62443, ISO 21434, or Microsoft SDL; with a proven ability to engage with management and development teams. • Experience guiding and assisting organizations in implementing security product/system development practices. • Experience in driving corporate programs using influence, negotiation, and persuasion soft skill set. • An understanding of domain appropriate communication mechanisms protocols • Strong communication skills, including the ability to render concise reports, summaries, and presentations. • Project management or technical leadership skills preferred.

Secure OT/ICS/SCADA environments by implementing cybersecurity measures tailored for industrial systems and protocols Required Candidate profile Experts in OT/ICS cybersecurity with knowledge of industrial protocols, plant systems, and critical infrastructure protections.

Minimum requirement: Min 3-year experience performing security testing on Industrial control system components like PLCs, SCADA, IIOT devices etc. Equivalent science or engineering degree Min. one professional certifications such as Certified Ethical Hacker (CEH), ISA/IEC 62443, OSCP or certified Penetration Tester preferred.

Minimum requirement: Min 3-year experience performing security testing on Industrial control system components like PLCs, SCADA, IIOT devices etc. Equivalent science or engineering degree Min. one professional certifications such as Certified Ethical Hacker (CEH), ISA/IEC 62443, OSCP or certified Penetration Tester preferred.

Minimum requirement: Min 3-year experience performing security testing on Industrial control system components like PLCs, SCADA, IIOT devices etc. Equivalent science or engineering degree Min. one professional certifications such as Certified Ethical Hacker (CEH), ISA/IEC 62443, OSCP or certified Penetration Tester preferred.

Role & responsibilities Proven experience in conducting penetration tests, vulnerability assessments, and security audits across diverse environments. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP etc. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Understanding of component/system architectures in OT environments. Preferred candidate profile Perks and benefits

Role & responsibilities Proven experience in conducting penetration tests, vulnerability assessments, and security audits across diverse environments. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP etc. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Understanding of component/system architectures in OT environments. Preferred candidate profile Perks and benefits

Key Responsibilities: Ensure complete compliance with internal cybersecurity policies and frameworks ; identify and resolve any OT-related security deficiencies. Maintain an accurate inventory of all Operational Technology (OT) assets through platforms like Claroty or equivalent. Demonstrate deep technical knowledge of OT devices and network infrastructure including PLCs, HMIs, SCADA systems, desktops, and communication protocols such as Modbus, Modbus TCP, TCP/IP; expertise in VLANs and Firewall configuration is essential. Monitor potential cyber threats and manage remediation activities in coordination with remote support teams and internal security operations. Support and drive plant-level cybersecurity transformation projects , ensuring sustainable and compliant operations. Exhibit strong interpersonal and communication skills to coordinate effectively with internal teams and stakeholders. Key Competencies: Functional Competencies: Solid technical background in Operational Technologies . Strong understanding of plant infrastructure , OT network layers, and industrial security protocols. Capability to work with cross-functional teams including IT, operations, and third-party vendors. Familiarity with IEC 62443 standards and other cybersecurity frameworks. Experience in planning, coordination, and execution of OT security tasks. Behavioral Competencies: Customer-centric mindset with ownership of responsibilities. Strong written and verbal communication skills. Responsiveness and accountability in time-critical situations. Candidate Profile: Education: B.E / B.Tech Experience: 3 to 5 Years in OT cybersecurity, automation, or industrial network security Preferred Background: Automation, Technology, Industrial Cybersecurity, or related industries Critical Skills: Cybersecurity coordination, threat monitoring, OT asset management, network security, stakeholder engagement

Job Description: The Industrial Cybersecurity Assessor will evaluate the security of network-connectable devices, products, and industrial equipment systems. This will include the analysis of products under evaluation, the support and training of engineers for evaluation projects. Working on connected technologies Industrial OT/ IIoT, IoT using the security framework, certification as per IEC-62443 standards within several unique ecosystems including Smart buildings, Smart Cities, Smart Manufacturing -Industry4.0, Factory automation The ideal OT candidate shall possess an understanding of OT fundamentals and best cybersecurity practices. Responsibilities: Shall be able to provide personalized guidance and support to customers, considering project planning, training, assessment, documentation, and implementation. Formal report writing in line with customer and certification scheme requirements. Support IEC 62443 certification of components, products, and systems. Support the Project Management team on evaluation scoping, resource requirements, certification body and customer expectations, delivering projects within the expected time. Pro-actively identifies relevant industry trends and drive knowledge / expertise development in this domain, by coaching colleagues and taking ownership of activities to increase customer awareness of UL (including papers, articles, conference attendance). Provides upgrades to UL and industry technical requirements on security requirements along with other standard bodies by collaborating the Software & Security team. Supports security team in building and improving ULs assurance programs and services. Provides high-level technical support to the operations department and internal staff. This may include planning, logistics, updating procedures, training, and quality issues. Provides sales support and the sale of more complex projects. Ensures internal procedures such as timely updates on project progress, invoicing and other administrative processes are being followed. Qualifications: University Degree (Equivalent to a bachelors degree), preferably in Cybersecurity, Instrumentation and Controls, Computer Science, Information Technology, Mathematics or a technically related discipline At least 2-5 years of relevant work experience, proven background in customer facing advisory services, technical expertise. Experience with IEC 62443 standard, Industrial automation, and control systems-DCS/ICS/SCADA/PLC/OT Protocols/OT security. Have proven experience in customer facing advisory services (project and delivery), and knowledge of product certification methodologies. Have a competency in cybersecurity domain (Risk Management, Asset Security, Network Security, Identity & Access Management etc.) and in other cybersecurity solutions. Have strong communication skills and the ability to facilitate presentations and quickly adapt to various technical and organizational environments. About the Team: The world has never been more connected. Which means your skills as a cybersecurity expert have never been more essential. We hack for good, uncovering threats and understanding how bad actors operate. Whether its connected vehicles, medical devices or smart appliances, youll help keep products safe and secure in an increasingly threatened world. Join our team, collaborate with a global community of experts and use your skills to shape a more secure future.

Senior Cybersecurity Specialist Are you an experienced cybersecurity professional who is excited about practical application of cybersecurity into industrial and IoT environments We would like to have you on our team to keep smart cities cybersecure! The KONE Technology and Innovation (KTI) function is where the magic happens at KONE. It's where we combine the physical world - escalators and elevators - with smart and connected digital systems. We are changing and improving the way billions of people move within cities every day. Within the KONE Technology & Innovation unit, we have a dedicated Cecurity team for assuring the security of KONE's products and solutions as well as applications used by KONE's business lines. Buzzwords: Application security, Cloud security, SDL, DevSecOps We are now looking for a person to support and drive the Security Development Lifecycle (SDL) activities in KONE solution development projects. Our solutions range from connected elevator systems to cloud services and to mobile applications for technicians and for end users. As a Senior Cybersecurity Specialist, you will be responsible for supporting KONE development teams globally to identify and implement security requirements and to review and test the solutions as they have been implemented. You enjoy working in co-operation with development teams to offer solutions for security problems and practical guidelines on how to implement security in the projects. You get to conduct threat analysis and identify the appropriate security requirements. You don't shy away from getting hands on with application owners and developers to guide them or help them implement the necessary security controls. Through validation and testing you ensure that controls are implemented, and the requirements fulfilled. You support our becoming and existing Security Champions to succeed in their roles by guiding, identifying their skill gaps, and providing training. You might be an experienced security-minded software developer, or perhaps you are a cybersecurity professional who has specialized in application security. You can communicate with various audiences, and you can deal both with the big picture as well as with details when so required. The position is located in Pune, India. Responsibilities Act as a cybersecurity advisor and provide security expertise and guidance to development and operations teams. Conduct risk-based security impact assessments to classify applications and assign appropriate security requirements. Translate requirements into actionable tasks and guide stakeholders in understanding and implementing them. Detect security issues during validation and operation using automation and scenario-based testing. Help teams to understand and mitigate risks and vulnerabilities. Review and enhance security documentation and assessments from Security Champions, offering constructive feedback. Monitor R&D and IT stakeholder needs and deliver targeted security training or clinics. Collaborate within the Cybersecurity team to improve KONE's security management system, SDL standards, processes, and tools. Requirements 5+ years of experience in cybersecurity. CISSP, CSSLP or other relevant certifications are considered a plus. Educational qualifications (B. Sc. or M Sc. in computer science, business administration, information technology management, information systems security or related) Practical experience in implementing Security Development Lifecycle (SDL) in agile software projects (for example, Microsoft SDL, OWASP, BSIMM) Familiarity with security standards and best practices (for example: ISO 27001, IEC 62443, OWASP) Experience in threat modeling and security risk assessment Experience with DevSecOps practices and tools (SCA, SAST, DAST) Experience with cloud platforms (AWS or Microsoft Azure) Why to join KONE's cybersecurity team We at KONE's cybersecurity team are at an interesting point currently. Our focus has been on modernizing enterprise cybersecurity to limit risks with day-to-day operations but at the same time, we are building our industrial and product cybersecurity. KONE is on a digitalization journey and our elevators are transforming from a steel box on the end of a rope into central platforms of smart buildings. We are bringing totally new kinds of innovative solutions to the market to enable even smarter people flow. As our offering becomes more digital, excellent cybersecurity plays a crucial role in building customer trust. KONE Technology and Innovation We are changing and improving the way billions of people move within buildings every day. Hardware is where we've always shined, but today, digital expertise - IoT, analytics, AI, automation, simulation, to name a few - is equally important for our continued success. What's KONE Technology & Innovation like as a workplace We like to think of ourselves as a diverse tribe, pulling together to understand and meet the ever-changing needs of our customers, from concept through to design, down to every single finished product. This all happens in an atmosphere of trust and respect, typified by our Nordic values, a healthy work-life balance, and a flat hierarchy. Read more on

Interface with industrial protocols: OPC UA/DA, Modbus, BACnet.Configure telemetry pipelines using REST APIs, WebSockets, gRPC. Generate network diagrams, configuration documents, and audit. validate Orbital edge devices at industrial client sites.

Diversity hiring for Cyber Security Engineer - 5 to 10 Years at Bangalore. Position Cyber Security Engineer Experience – 5 to 10 Years Location – Bangalore Job Description: 5-8 years of experience in cybersecurity engineering, preferably in the manufacturing or industrial control systems (ICS) sectors. Strong knowledge of cybersecurity principles, risk management, and threat analysis. Proficiency with cybersecurity tools and technologies used for monitoring, detection, and incident response. Familiarity with cybersecurity standards and regulations such as IEC 62443, ISO 27001, NIST, etc. Relevant certifications such as CISSP, CISM, CEH, or GIAC are preferred. If interested, please share cv on omkar@hrworksindia.com Regards, Omkar 8208497043

Role Overview: The Senior Product Cyber Security Engineer/Architect works with product development teams across all regions globally to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber-attacks by ensuring adherence to the integrated secure development lifecycle process, which embodies a secure-by-design defense in depth philosophy. You will be a strong technical expert in matters related to threat modeling and cyber controls and will report to a team manager responsible for product architecture review and testing. On a typical day you will: Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle. Develop standard work documents for cyber controls that meet technical requirements (for both systems and components) arising from standards such as IEC 62443 Coordinate with quality and product development teams to periodically update cyber security design policies and ensure that these policies are incorporated into product design, with requirements for traceability and system validation and verification. What You Will Need to be Successful: Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 14+ years of product cyber security engineering and software systems development experience; at least 2 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment

Designation: Senior Lead Engineer - Product Cyber Security Years of experience: 8 12 Years Location Hyderabad On a typical day you will: Perform DAST, SAST & Pentest for different products Perform Threat Modeling and Architecture reviews for new products and design changes with existing products Handle Product Cyber Incident Response activities and Active contribution to Risk Management Work with product development teams towards secure DevOps activities and CI/CD integration issues with Security tools Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle. What You Will Need to be Successful: Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 8+ years of product cyber security engineering and software systems development experience; at least 4 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment

Role & responsibilities Job Title: Senior Lead Engineer - Product Cyber Security Years Of Experience: 8-12 Years Role Overview: The Security Sr Lead Engineer/Tech Specialist works with product development teams across all regions globally to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber-attacks by ensuring adherence to the integrated secure development lifecycle process, which embodies a secure-by-design defense in depth philosophy. You will be a strong technical expert in matters related to pentesting and cyber controls and will report to a team manager responsible for product architecture review and testing. This role is part of the Product Cyber team (under the Global DT Cyber team) which focuses on continuously improving the cyber posture of products that are often installed in customer's environments. On a typical day you will: Perform DAST, SAST & Pentest for different products Perform Threat Modeling and Architecture reviews for new products and design changes with existing products Handle Product Cyber Incident Response activities and Active contribution to Risk Management Work with product development teams towards secure DevOps activities and CI/CD integration issues with Security tools Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle. Coordinate with quality and product development teams to periodically update cyber security design policies and ensure that these policies are incorporated into product design, with requirements for traceability and system validation and verification. Interface with global teams and share best practices and lessons learned Refine and support the standard work associated with product cyber security incident response management Work closely with the product testing teams to validate recommended security controls Continually enhance the capabilities of the Cyber security team: Identification of technology and methodology gaps Participation and leading technical and industry committees Creation of discipline health score card. Work in an environment of continuous improvement and lean process and product development. good to have knowledge in Agile methodologies. Stay updated on latest cyber security hacking news, technologies and methodologies including: The latest attack methodologies include penetration testing and red-team methodologies. Latest forensic and incident response methodologies. Attend security or hacker conferences and stay on the cutting edge What You Will Need to be Successful: Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 8+ years of product cyber security engineering and software systems development experience; at least 4 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment Preferred candidate profile