Job Requirements
5 - 10 years of experience
This job post is managed by
Angel Papa
Job description for Advanced Cyber Security Architect/Engineer (Researcher) at Honeywell
Key Responsibilities:
· Analyze common process control systems or architectures to identify and evaluate security strengths and weaknesses.
· Investigate emerging attacker methodologies, including malware, attack vectors, attack paths, and attacker tools, to assess their functionality, origin, and purpose.
· Research solutions to challenging industrial cyber security problems.
· Execute engagements: define scope, coordinate attacks, execute tests, and report findings, following an established methodology and defined processes.
· Stay ahead of the Singapore Cybersecurity R&D program.
· Identify and handle third-party research partners to clearly define roles and responsibilities, perform due diligence, and generate progress reports.
· Be aware of current products and technologies in the cyber security domain
· Maintain up-to-date awareness of computer network exploitation and attack tools and tradecraft, threats and vulnerabilities, and respective countermeasures.
· Ability to write/craft clear, understandable documentation that translates complicated technical processes to a target audience. That includes technical publications; industry conference presentations; course development and delivery; and prototype tools and techniques.
· Keep technically current with the Honeywell Process Solutions (HPS) networking, cyber security, and wireless product/systems portfolio, while maintaining expert knowledge on specifically designated network disciplines
· Collaborate with and provide consulting services to internal and external clients in a trusted advisor role.
· Prepare technical reports and documentation.
· Requires 10% travel for conferences and meetings.
Key Experience & Capabilities:
· Master’s or higher degree desired, but a minimum of a bachelor’s degree in a computer-related field such as Computer Science, Computer Information Systems, or Electronics, or, in lieu of a degree, 7 years of related experience.
· Experience in networking and cyber security technologies
· Advanced knowledge of cyber security, including authoritative knowledge in one or more of the following: malware analysis, reverse engineering, vulnerability detection/mitigation, information assurance
· Familiarity with one or more of the following programming and scripting languages:
o Java
o C/C++/C#
o Python
o PowerShell
o JavaScript
· Working experience with virtualization, networking, open-source, and Microsoft
· CISSP, OSCP, GCFA, or related security certifications
· Good to have experience in Industrial Control Systems Technologies
· Expert knowledge of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures
· Experience working with the government, or within a critical infrastructure sector.
· Experience publishing research and academic papers.
· Ability to analyze complex software systems for cyber security flaws.
· In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform
· Understanding of networking fundamentals, including network hardware, systems, protocols, and network management applications and tools.
· Strong analytical and problem-solving skills, and the ability to work both independently and as part of a team.
· Hands-on experience analyzing high volumes of logs, network data (e.g. NetFlow, Full Packet Capture), and other attack artifacts in support of incident investigations.
· Experience in security technology and proficiency with the following: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, and Network Forensics.
· Strong knowledge of Microsoft technologies including Active Directory, DNS, WSUS, Terminal Server, PowerShell, SQL Database, etc.
· Experience with log collection, management, and reporting
· Experience with enterprise and industrial wireless technology
· Strong report writing skills and ability to explain complex security issues in a formal presentation format.