This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

God Enriches | Local jobs for the people of Arizona

To post a job, login or create an account |  Post a Job

Information Security Engineer

Honeywell International Inc.

This is a Full-time position in Phoenix, AZ posted July 11, 2021.

Lead Cyber Security Engineer, Penetration Testing

Join a team recognized for leadership, innovation and diversity

The future is what you make it.

When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers and doers who make the things that make the future.

That means changing the way we fly, fueling jets in an eco-friendly way, keeping buildings smart and safe and even making it possible to breathe on Mars.

Working at Honeywell isn’t just about developing cool things. That’s why all of our employees enjoy access to dynamic career opportunities across different fields and industries.

Are you ready to help us make the future?

At Honeywell Advanced Connected Sustainability Technologies (ACST), our outstanding team of scientists, engineers, and professionals develop groundbreaking technology by applying their expertise in complex hardware and software control systems, atomic physics, ultra-high vacuum environments, cryogenics, cyber security and others.

The Penetration Test Security Engineer role is focused on vulnerability research, reverse engineering, and exploit development against internal products & services. Honeywell ACST conducts full-scope vulnerability assessment, exploit development, and penetration testing against Space Systems, Aeronautics, Industrial systems, manufacturing and enterprise IT. The ideal applicant would have an intense desire to exploit real world systems and be knowledgeable in a wide range of security issues including various computing architectures, network comms protocols, programming languages and defenses. 

In this position, the Penetration Test Security Engineer will…

  • Engage in all phases of Red Team operations including: reconnaissance, exploitation, lateral movement
  • Have strong focus on IoT and Embedded Device Testing (cloud, mobile, API, hardware, network, firmware, and RF)
  • Perform security assessments in Cloud environments (AWS, Azure, Google)
  • Use and customize commercial and open-source security assessment tools 
  • Modify and use payloads to avoid common detection methods
  • Deploy, configure, and manage infrastructure to support Offensive operations 
  • Use computer network, application, database, Cloud, and web exploitation techniques
  • Conduct Active Directory and enterprise network exploitation
  • Leverage OPSEC techniques including network traffic monitoring, post-exploitation activities, and payloads to blend in with target environments
  • Run Web Application and API debugging and analysis
  • Have familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques.
  • Have an understanding of application protocols, development, and common attack vectors.
  • Continually work to improve the knowledge and capabilities of yourself & the team 

YOU MUST HAVE:

  • Bachelor’s degree in computer science or software engineering, electrical engineering or technical discipline
  • 10+ years demonstrated experience in security engineering
  • U.S. Citizenship required in order to obtain and maintain government security clearance

WE VALUE:

  • Experience in application penetration testing (Web, Mobile, thick client, IoT) with tools such as but not limited to…Kali Linux, Burpsuite, Ghidra, IDA Pro, Metasploit, Netsparker, Acunetix, Nessus, etc.
  • Have knowledge and experience in OWASP Top 10
  • Application development or software engineering experience
  • Scripting or development experience with Python, bash, Powershell, Perl, C, C++, Java, C#, etc.
  • Excellent understanding of security by design principles and architecture level security concepts 
  • Good cyber security capabilities including application protocols, development, and common attack vectors. 
  • Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques
  • Ability to script advanced attacks
  • Ability to ‘fuzz’ applications and protocols for new vulnerabilities and able to fully exploit newly discovered vulnerabilities
  • Ability to discover advanced logic flaws and multiple step architectural errors
  • Experience and knowledge of penetration testing methodologies and tools
  • Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities

Additional Information

  • JOB ID: HRD126009
  • Exempt
  • Must have or be eligible for a security clearance due to contractual requirements.

Global (ALL)

Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status.

Email this job

Send this job to yourself or a colleague.

Your Name

Amanda

Mechanical Project Engineer

Describe a typical day in your work life.

Get tailored job recommendations based on your interests.

Sign up for alerts and get notified when jobs like this are posted.

Enter Email address

Join The Talent Honeywell Community

Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.