Role Description
Festo is establishing a Product Security Testing team in India, and we are looking for highly motivated Product Security Engineers with experience in security testing, particularly in the domain of Embedded and IoT products.
We seek enthusiastic, young, and talented Product Security Specialist who are passionate about working with industrial devices, identifying security vulnerabilities, and helping the team validate fixes. As a Product Security Engineer, you will collaborate with your teammates in the product security testing team on various products across the organization to ensure that all Festo products are cyber security compliant and free from vulnerabilities.
Your Responsibilities
- Perform penetration testing of Festo products.
- Assist in creating and maintaining test plans and checklists.
- Develop test specifications, test cases, and test plans for security vulnerability testing of Festo products.
- Execute test cases effectively.
- Conduct basic vulnerability Assessment using tools like Nessus, OpenVAS and Nmap etc.
- Perform protocol-level black-box fuzzing tests using various open-source and proprietary tools.
- Support documentation of test results and collaborate with the development team.
- Participate in automating test processes within CI / CD environments.
Our Requirements
Education : Bachelor’s degree in Engineering, Computer Science, Mechatronics, Information Science, Electronics, Cyber Security, or a related field.
Mandatory Experience :
Minimum of 2 years of experience in device security testing , ideally within the Industrial Automation or Automotive sectors.Proficiency in programming languages such as C / C++, Python, or Shell scripting and exposure to CI / CD practices.Familiarity with different industrial protocols, fuzzing protocols, and PLC systems.Hands on experience in the embedded domain.Understanding of the Secure Development Lifecycle and standards such as IEC 62443-4.Experience with tools like OpenVAS, Nessus, Nmap, Wireshark, and penetration testing for embedded or IoT systems. Experience in the embedded domain is required.Familiarity with various industrial protocols (e.g., Profinet, EtherCAT, Ethernet / IP, Modbus, OPC / UA, TSN)Familiarity with PLC systems (e.g., Siemens, Rockwell, Yokogawa, Schneider Electric, Beckhoff, ABB, Omron)Familiarity with automotive communication protocols (CAN, LIN, FlexRay).Relevant certifications are advantageous : OSCP, CRTP, CRTO, eWPTX, CPENT, LPT, PNPT.Job Location : Bengaluru, India
Job Type : Full-time | Hybrid
Experience : 2 years