Principal Product PKI Engineer at Johnson Controls

, , India -

Full Time

Start Date

Immediate

Expiry Date

01 Mar, 26

Salary

0.0

Posted On

01 Dec, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Product Security, Software Security, Secure SDLC, Cybersecurity, Agile Methodologies, Linux OS, Programming Languages, Security Tools, Embedded Systems, Penetration Testing, Data Protection, Risk Management, Communication Skills, Cybersecurity Certifications, Problem Solving, Change Management

Industry

Industrial Machinery Manufacturing

Description

Technical and operational excellence, thought leadership, and integrative thinking. · Expert knowledge and practical product and software security experience, including secure SDLC practices, security and privacy by design architectures, and secure by default configurations. · Strong problem-solving skills to analyze cybersecurity issues and requirements (legal/regulatory, policy, customer, industry standards) and relate them to appropriate security controls. · Demonstrated ability to lead change initiatives that intelligently manage software cyber risks. · Proven ability to deliver results using agile methodologies and tools (e.g. Scrum/Kanban, Jira). · Understanding of agile software development and continuous integration/deployment. · Practical experience with Linux OS, programming and scripting languages (e.g. Java, Python, Perl), and security tools (e.g. Kali, Nessus, Netsparker, openVAS, BurpSuite, Metaspolit). · Understanding of embedded systems architectures (e.g. ARM, Cortex), embedded systems tools/emulators, RTOS/Linux, network protocols and programming languages (such as C/C++). · Understanding of penetration testing, reverse engineering, software attack vectors, fault injection, device fingerprinting, and tamper resistance. · Understanding TPM, Secure Boot, OTP, PKI, SPI/I2C bus analyzers, JTAG probing. · Knowledge of current security threats and techniques for exploiting software vulnerabilities. · Understanding of web and mobile application secure design principles such as OWASP. · Understanding of data protection, secure cloud, and network infrastructure design principles. · Familiarity with technology risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, CSA, SOC 2 and other comparable. Experience with Operational Technologies (e.g. Controls Systems, Building Management) a plus. · Superior interpersonal, organizational, written/verbal communication, and presentation skills. · Ability to build trust with stakeholders and explain complex security topics to all audiences. · Active participation in hackathons, cybersecurity competitions, and exercises are a plus. · CSSLP, CISSP, CCSP, OSCP, CEH or related cybersecurity certifications. · Bachelors degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related technical degree. · Minimum of 7 years of experience with at least 5 years in software or product cybersecurity. · Travel is occasional at approximately 10%, including international. Johnson Controls: Enhancing the Intelligence of Buildings Your buildings have a purpose. They are places for people to live or work. Facilities for learning or healing. Venues for entertainment and shopping. Sites for the specialized storage of tangible goods or mission-critical data. Your buildings have a huge variety of functions; they are central to your mission. This is where Johnson Controls comes in, helping drive the outcomes that matter most. Through a full range of systems and digital solutions, we make your buildings smarter. A smarter building is safer, more comfortable, more efficient, and, ultimately, more sustainable. Most important, smarter buildings let you focus more intensely on your unique mission. Better for your people. Better for your bottom line. Better for the planet. At Johnson Controls, we’ve been making buildings smarter since 1885, and our capabilities, depth of innovation experience, and global reach have been growing ever since. Today, we offer the world’s largest portfolio of building products, technologies, software, and services; we put that portfolio to work to transform the environments where people live, work, learn and play.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities

The Principal Product PKI Engineer will lead initiatives to manage software cyber risks and ensure technical and operational excellence. This role requires strong problem-solving skills to analyze cybersecurity issues and deliver results using agile methodologies.