Product Cybersecurity Engineer
at Johnson Controls
Belfast, Northern Ireland, United Kingdom -
| Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
|---|---|---|---|---|---|---|---|
| Immediate | 09 Feb, 2025 | Not Specified | 09 Nov, 2024 | N/A | Good communication skills | No | No |
Required Visa Status:
| Citizen | GC |
| US Citizen | Student Visa |
| H1B | CPT |
| OPT | H4 Spouse of H1B |
| GC Green Card |
Employment Type:
| Full Time | Part Time |
| Permanent | Independent - 1099 |
| Contract – W2 | C2H Independent |
| C2H W2 | Contract – Corp 2 Corp |
| Contract to Hire – Corp 2 Corp |
Description:
WHAT WE LOOK FOR
- Basic familiarity with, and keen interest in, formal cybersecurity controls and best practices. E.g., OWASP Top 10, NIST 800-53.
- Ability to liaise and negotiate amongst multiple product stakeholders, including:
- Engineering management, architects, and lead engineers
- Product Security Incident Response Team (PSIRT)
- Global Cybersecurity architects
- Product Management
- Supplier Assessment Team
- Site Reliability Engineering (SRE)
- Legal (Software Copyright / Licensing Compliance, Trade Compliance)
- Individual software and hardware engineers
- Previous development experience, including familiarity with authentication, authorization, and SDKs and local and remote APIs.
- Basic networking experience and understanding
- Understanding of, including ability to reason about and explain common cybersecurity vulnerabilities. E.g., can (to some extent) compare and contrast SOME of:
- Authentication vs. authorization
- Vulnerability vs. weakness
- Hashes vs. ciphers
- SQL injection vs. OS injection
- RNG vs. PRNG vs. cryptographic RNG
- High entropy passwords vs. low entropy
- HSM vs. TEE
- TLS v3 vs. SSL v3
- Stack overflow, buffer overflow, and integer overflow / wraparound.
- Certificate vs. key
- Signature vs. hash
Responsibilities:
WHAT YOU WILL DO
- Liaising with the Hardware/Firmware and Software engineering teams to schedule code reviews/scans as per guidelines outlined by JCI cyber Security Board.
- Working with Senior Cyber architect to run and discuss results of scans, assess where the risks lie, how best to mitigate
- Working with the development team to address cyber risks
- Being the gatekeeper and working with the development team and our customers ensuring that all products and solutions released to the market adhere to the latest security standards.
HOW YOU WILL DO IT
You will work across multiple parallel project releases and work items and will have a strong desire to actively champion product cybersecurity best practices. The ideal candidate will take ownership of issues and work on own initiative, driving work items to successful completion. You will have good time-management and organizational skills and be a continual learner, aware of the ever-changing nature of cybersecurity and keen to stay on top of the latest developments.
REQUIREMENT SUMMARY
Min:N/AMax:5.0 year(s)
Information Technology/IT
IT Software - Other
Software Engineering
Graduate
Proficient
1
Belfast, United Kingdom
