Lead Engineer - Cybersecurity
The person will be a lead subject matter expert and responsible for driving security into Eaton’s new and existing products and solutions along the lines of ‘Secure by Design’ philosophy. This would include providing technical leadership for architecture analysis, threat modeling, risk assessment, cybersecurity requirement identification, vulnerability assessment and penetration testing across products used in Eaton’s electrical, vehicle, aerospace and hydraulics businesses. The role would provide technical mentorship to the team and the organization on security across range of technologies such as web applications, mobile applications, thick clients, wireless devices and Industrial IoT devices and systems.
The Cybersecurity Lead Engineer position will be the lead subject matter expert responsible for driving ‘Secure by Design’ principles across Eaton’s Electrical, Vehicle, Hydraulics and Aerospace teams. The Lead Engineer will be a technical mentor to the team and would be responsible for:
· Identifying, designing and driving technical security architectures, solutions and controls in Eaton products, platforms and systems across its electrical, vehicle, hydraulics and aerospace businesses
· Creating, maintain and communicating cybersecurity controls and architectures and ensuring that various technical leads understand the critical aspects of cybersecurity in their software, firmware and hardware design and implementation.
· Leading verification efforts for cybersecurity implementation across the organization and working with third party certification agencies to drive product certification
· Evangelizing cybersecurity among the technical and business leaders in the organization while providing technical security trainings to software and firmware engineers to build organizational capability
· Contributing to emerging global cybersecurity standards relevant for Eaton’s business in Electrical, Vehicle, Hydraulics and Aerospace domain.
· Monitoring evolving threat landscape, cybersecurity technologies, standards, frameworks and drive continuous improvement in Eaton’s cybersecurity requirements, frameworks and processes
· Demonstrable 8+ years of experience spanning across all phases of Secure Product Development Lifecycle. This includes product/system architecture review, threat modeling to identify cybersecurity requirements and vulnerability assessment & penetration testing
· Strong understanding of potential security vulnerabilities across multiple technologies including web applications, mobile applications, thick clients, wireless systems etc
· Experience working with vulnerability assessment and penetration tools like Kali Linux, Nessus, IBM AppScan, BurpSuite, IDAPro, Achilles, Peach Fuzzer
· Solid understanding of security protocols including HTTPS, HSTS, TLS, SSH, Kerberos, 802.11 security, Bluetooth LE, Zigbee
· Solid understanding of industrial protocols like Modbus/Modbus TCP, Ethernet IP, Profibus, CANOpen
Understanding of evolving threat landscape for embedded and connected devices and
We make what matters work. Everywhere you look—from the technology and machinery that surrounds us, to the critical services and infrastructure that we depend on every day—you’ll find one thing in common. It all relies on power. That’s why Eaton is dedicated to improving people’s lives and the environment with power management technologies that are more reliable, efficient, safe and sustainable. Because this is what matters. We are confident we can deliver on this promise because of the attributes that our employees embody. We’re ethical, passionate, accountable, efficient, transparent and we’re committed to learning. These values enable us to tackle some of the toughest challenges on the planet, never losing sight of what matters.
Region: Asia Pacific
Organization: INNOV Innovation Center
Job Level: Individual Contributor
Is remote work (i.e. working from home or another Eaton facility) allowed for this position?: No
Does this position offer relocation?: No
Travel: Yes, 10 % of the Time