Talent.com
This job offer is not available in your country.
(Code : FLiT) Consultant - Cybersecurity - Embedded Engineering / IOT (remote)

(Code : FLiT) Consultant - Cybersecurity - Embedded Engineering / IOT (remote)

SSS Grameen Serviceshyderabad, AP, in
8 days ago
Job type
  • Remote
  • Quick Apply
Job description

Job Description

This is a remote position.

Project Client : Global Specialist in Energy Management and Automation

10+year experienced Embedded Engineering Cybersecurity Analyst for their runtime team in the industrial automation.

The runtime team is an integral part of EcoStruxure Automation Expert. This position is focused on Cybersecurity aspects of architecture, design, implementation, and maintenance of runtime codebase.

Requirements

Roles & Responsibilities :

  • Work with the runtime Cybersecurity Advisor / Coach to ensure each release of the runtime SDK is developed according to Secure Development Lifecycle (SDL), to meet internal and external cybersecurity standards, regulatory compliance, and the needs of customers.
  • Provide cybersecurity expertise through guidance in architecting, designing and threat model mentoring to members during development cycle. Perform cybersecurity code review for pull requests as part of the SDL process.
  • Evaluation, tracking, and resolution of product and runtime cybersecurity issues and related technical debt in 3rd party packages, reported both internally and from external sources, such as :

Cybersecurity vulnerabilities (CVEs)

OS / package patches : Debian GNU / Linux, VxWorks

Commercial / FOSS packages : Mongoose, UA-HPSDK, OpenSSL, mbedTLS, fmt, libyuarel, Frozen, optionparser, zlib, among others.

Management and use of tools for static and dynamic code analysis (Coverity, SQuORE, Halgrind, Valgrind, CppCheck) and Software Composition Analysis (Black Duck Binary Analysis, Black Duck Hub) in 3rd party packages and current code base with maintaining the mentioned :

Address false-positive findings, evaluate and triage bugs, resolving or assigning to an SME as appropriate.

Evaluate BDBA / BDH findings and work with the runtime teams to resolve.

Ensure qualimetry data for all significant branches (master branch, release branches, component branches) is current and accessible for use by management with keen attention on the mentioned :

Setup to support new releases as needed

Regular / scheduled and on-demand scans to timely detect abnormalities.

Monitor the changes and notify if trending is upward

Create and update formal report on branches

Benefits

Skills Required

  • Engineering degree (BS in Electrical, Computer Science, Robotics, or related discipline)
  • 8 - 12 years’ experience of code development for multitask embedded system running in Linux, VxWorks / RTOS, and windows.
  • Seasoned programming skills with object-oriented design (C / C++) and scripting languages (Python, Bash, Shell, PowerShell)
  • Knowledge of cybersecurity issues common to C / C++. Knowledge of Common Vulnerabilities and Exposures. Knowledge of IEC 62443-4-2.
  • Familiarity with Open-source software (OSS), Git, GitHub, Debian GNU / Linux, Ubuntu.
  • Familiarity with Software Composition Analysis (SCA), Static Code Analysis and Static Application Security Testing (SAST), Fuzz testing
  • Demonstrate ability to work with cross functional and global teams, and the ability to align and bring best in class processes, coding standards.
  • The Ideal consultant should be able to work with members in India, Europe and U.S. EST time zone.

    • Requirements

    embedded security

    Create a job alert for this search

    Engineering Embedded • hyderabad, AP, in