Campus Pride Jobs

Description:

As a Cybersecurity Engineer you will be responsible for working with other Building Automation System (BAS) controls and software engineering team members to identify business, technology and product risks and vulnerabilities in the early stages and embed security requirements to address and validate them. A lot of this is done by conducting security assessments where the activities will include threat modeling, attack modeling, security DFMEA, vulnerability assessment, triaging, and reporting.

• Define and develop processes and methodologies for designing secure systems

• Engage with teams to conduct security risk assessments and conform to organizational remediation/mitigation timelines in different phases of the secure product development lifecycle

• Provide product security support to development teams, including reviewing and explaining security tools and processes, providing vulnerability explanations and remediation guidance

• Support ongoing vulnerability and patch management through tracking, triaging and prioritizing across all products to minimize the potential security risk

• Help drive system and product requirements to meet the regulatory and compliance requirements (like GDPR, ISO, ISA/IEC, SOC2, FedRAMP)

• Assist with training and mentoring of security champions

• Partner with third-party vendors to deliver software security tools and services

• Provide expert consultation on application security requirements and best practices with vulnerability scanning and secure application design

• Partner closely on security operations tasks with cross-functional teammates in IT, DevOps, Engineering, Compliance, and Test

• Manage 3rd party partners and vendors supplying cybersecurity-related services

• Identify the design implications within a platform and system and work with teams to minimize vulnerabilities

• Influence program decisions to reduce the risk exposure of the company

• Participate in Zero-day remediation, Hotfixes, and Incident Response efforts

• Identify and review test coverage for the security aspects of the system

Additional Skills & Qualifications:

• Bachelor's or Master's degree in Computer Science, Electrical Engineering or similar engineering discipline with an emphasis on cyber security

• 8+ years of cumulative experience in software development and engineering expertise in Application, *Network, Cloud, Mobile, IoT, ICS, *Embedded systems, APIs

• 5+ years of expertise in Product Security, Security Architecture and Security Assessment: Threat Modeling, Secure Development, Risk Assessment, Threat Analysis, DFMEA, Penetration testing, SDLA tools

• Strong understanding of operational technology principles, concepts, and techniques

• Strong knowledge of current security threats, techniques, and landscape, as well as a self-motivated desire to research current in the cybersecurity landscape

• Strong knowledge of OpenSSL, TLS mutual authentication, PKI, digital signatures, and certificate management

• Ability to research, develop, and keep abreast of tools, techniques, and process improvements in support of security detection and analysis following current and emerging threats

• Implementation experience or knowledge of security controls

• Should have good knowledge of security containers, hands-on experience with DevSecOps principles, and a good handle on end-to-end DevSecOps processes

• Technical understanding of cloud-native architecture and engineering best practices (AWS, Azure, Google Cloud)

• Working experience with OWASP Top 10 for web applications

• Knowledge of penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc

• Knowledge of Security Industry Standards and Frameworks: e.g., NIST, ISA/IEC, GDPR, SOC2

• Excellent verbal and written communication skills, with the ability to communicate to all levels of the organization.

About Actalent

Actalent is a global leader in engineering and sciences services and talent solutions. We help visionary companies advance their engineering and science initiatives through access to specialized experts who drive scale, innovation and speed to market. With a network of almost 30,000 consultants and more than 4,500 clients across the U.S., Canada, Asia and Europe, Actalent serves many of the Fortune 500.

Diversity, Equity & Inclusion

At Actalent, diversity and inclusion are a bridge towards the equity and success of our people. DE&I are embedded into our culture through:

• Hiring diverse talent

• Maintaining an inclusive environment through persistent self-reflection

• Building a culture of care, engagement, and recognition with clear outcomes

• Ensuring growth opportunities for our people

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing process due to a disability, please email actalentaccommodation@actalentservices.com (%20actalentaccommodation@actalentservices.com) for other accommodation options.