Najnowsze oferty pracy

  • Analityk / Analityczka bezpieczeństwa IT (SOC)

    PKP CARGO S.A.   Kraków    praca stacjonarna
    specjalista junior / mid / senior  umowa o pracę  pełny etat
    1 dni
    Wyzwania, jakie na Ciebie czekają: Monitorowanie zdarzeń cyberbezpieczeństwa w czasie rzeczywistym; Wyszukiwanie zależności pomiędzy zdarzeniami, kategoryzowanie zdarzeń; Zbieranie kluczowych informacji, ich analiza i interpretacja w celu eskalacji do odpowiednich linii wsparcia; Przyjmowanie...
  • DevOps Engineer

    JTI GBS Poland sp. z o.o.   Warszawa    praca hybrydowa
    specjalista (mid)  umowa o pracę  pełny etat
    3 dni
    Position: Purpose of the position is to provide DevOps services for the rapidly expanding JTI Ecommerce & Digital Ecosystem. The current position covers the following objectives/tasks: Responsible for ensuring that JTI DevOps standards and policies are followed within DES. Responsible for ensuring...
  • Analityczka / Analityk ds. analiz i modelowania cyberzagrożeń

    PKO Bank Polski   Warszawa, Chmielna 89    praca stacjonarna
    specjalista mid / senior / ekspert  umowa o pracę  pełny etat
    3 dni
    Na co dzień w naszym zespole:wykrywasz i badasz potencjalne zagrożenia oraz tworzysz nowe pomysły ich wykrywania,• wyszukujesz oznak ataków oraz niepożądanej obecności w infrastrukturze naszego Banku,analizujesz i badasz metody ataków w tym technik, scenariuszy i narzędzi, wraz z...
  • Data Protection Lead

    Aon   Kraków    praca hybrydowa
    kierownik/koordynator / menedżer  umowa o pracę  pełny etat
    9 dni
    Responsibilities: Oversees the status of DP compliance and carries out the operational aspects of the mitigation plans to meet Aon's DP requirements; Works with BUs to maintain and update records of processing activities (RPA), conducts annual reviews in line with Aon procedures, ensures the...
Zobacz więcej ofert pracy
Praca.pl Praca Podlaskie Security Engineer Podlaskie
Cyber Security Architect/ Discipline Lead

Cyber Security Architect/ Discipline Lead

UTC Fire & Security
podlaskie, Gdańsk
praca stacjonarna
2587 dni temu

Systems and Controls Technologies group, operating at the headquarters level of CCS and Otis, the two commercial divisions of United Technologies, is seeking a highly motivated and results driven Cyber Security Engineer to join and enhance Product Cyber Security team. The team is responsible for driving product cyber security strategy, to strengthen the cyber security posture of legacy and go-forward CCS and Otis products and services. This position covers different aspects of product life cycle, including pre-development, development and post-release.

 

UTC products continue providing differentiated features and services by increasing connectivity and harnessing the power of the Cloud, data analytics, IoT and novel integration mechanisms. As UTC continues defining and shaping new markets, the Cyber Security Team will play a crucial role and have direct measurable business impact. This position will be based in Gdansk, Poland as part of the Gdansk Research and Development Center (GRDC). Successful candidate will be required to travel internationally approximately 20% of the time.

Cyber Security Architect/ Discipline Lead
Location: Gdańsk

 

 

Specific functions / essential duties
  • Serve as a mentor and lead newly created, Gdansk-based cyber security team.
  • Work with global teams across CCS and Otis to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber-attacks, by ensuring adherence to the integrated secure development lifecycle process.
  • Work with global engineering teams to establish cyber security design policies and ensure that these policies are incorporated into product design, with requirements traceability and system validation and verification.
  • Continually enhance the capabilities of Gdansk cyber security team :
    • Preparing actionable training and hiring plans
    • Identification of technology and methodology gaps
    • Participation and leading technical and industry committees
    • Creation of discipline health score cards
  • Develop and maintain plans for legacy product assessment and remediation, creating risk categories and prioritizations and closely working with business units to develop a clear plan of action
  • Interface with global teams and share best practices and lessons learned
  • Refine and support standard work associated with product cyber security incident response management
  • Stay updated on latest cyber security hacking news, technologies and methodologies including:
    • The latest attack methodologies including penetration testing and red-team methodologies.
    • Latest forensic and incident response methodologies.
    • Attend security or hacker conferences and build up a network of associates
  • Work in an environment of continuous improvement, lean process and product development.
Education and Experience Requirements:
  • Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline (at a minimum)
  • 8+ years of cyber security engineering and software systems development experience
  • In-depth experience and knowledge of requirements capture, cyber security threat modeling and systematic discovery of threats, as a part of Secure Development Lifecycle
  • Knowledge of different types of security vulnerabilities and safeguards at different layers of hierarchical systems, including the embedded layer and system layer
  • Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems
  • Experience enforcing cyber security standards for software architectures, including ensuring that security standards are properly addressed and developing risk mitigation plans
  • Intimate knowledge and experience with incident response management of cyber security reported as well as self-discovered vulnerabilities
  • At least 2 years hands-on experience with penetration testing methodologies and tools
  • Experience in program management or engineering project leadership of complex systems from the conceptual stage through to production for a global market. Intimate knowledge of software development methodologies and the software development lifecycle in agile as well as staged-gate process
  • Knowledge of state of the art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools
  • Excellent written and verbal communication and presentation skills, including presentation planning and delivery skills. Adept at communicating with globally disperse cross functional teams of design, marketing, service, manufacturing, aftermarket and R&D, including non-native English speaking team members.
  • Prior product development background with various languages such as C,C++, C#, Java, Python
  • Cyber Security certifications such as OSCP, CEH, CISSP, GSEC is a plus
Our offer includes:
  • Working with a highly talented development team
  • Friendly working atmosphere
  • Flexible working hours
  • Competitive salary
  • Relocation package
  • Opportunities to enhance  English proficiency
  • UTC's Employee Scholar Program
  • The ability to advance within UTC
  • Private medical care
  • Pension plan with life insurance
  • In house English lessons
  • Participation in sport activities
  • Lunch allowance
  • Clear career path providing development opportunity
Please add the following clause: I agree to the processing of my personal data contained in my job offer for the needs of the recruitment process (pursuant to the Personal Data Protection Act of 29.08.1997, unified text of 26.06.2014, Journal of Laws 2014, item 1182). I also state that I was advised of the fact that giving personal data is voluntary and that I have the right to access and correct the content of my data.
 

Podobne oferty

  • Analityk / Analityczka bezpieczeństwa IT (SOC)

    PKP CARGO S.A.   Kraków    praca stacjonarna
    specjalista junior / mid / senior  umowa o pracę  pełny etat
    1 dni
    Wyzwania, jakie na Ciebie czekają: Monitorowanie zdarzeń cyberbezpieczeństwa w czasie rzeczywistym; Wyszukiwanie zależności pomiędzy zdarzeniami, kategoryzowanie zdarzeń; Zbieranie kluczowych informacji, ich analiza i interpretacja w celu eskalacji do odpowiednich linii wsparcia; Przyjmowanie...
  • DevOps Engineer

    JTI GBS Poland sp. z o.o.   Warszawa    praca hybrydowa
    specjalista (mid)  umowa o pracę  pełny etat
    3 dni
    Position: Purpose of the position is to provide DevOps services for the rapidly expanding JTI Ecommerce & Digital Ecosystem. The current position covers the following objectives/tasks: Responsible for ensuring that JTI DevOps standards and policies are followed within DES. Responsible for ensuring...
  • Analityczka / Analityk ds. analiz i modelowania cyberzagrożeń

    PKO Bank Polski   Warszawa, Chmielna 89    praca stacjonarna
    specjalista mid / senior / ekspert  umowa o pracę  pełny etat
    3 dni
    Na co dzień w naszym zespole:wykrywasz i badasz potencjalne zagrożenia oraz tworzysz nowe pomysły ich wykrywania,• wyszukujesz oznak ataków oraz niepożądanej obecności w infrastrukturze naszego Banku,analizujesz i badasz metody ataków w tym technik, scenariuszy i narzędzi, wraz z...
  • Data Protection Lead

    Aon   Kraków    praca hybrydowa
    kierownik/koordynator / menedżer  umowa o pracę  pełny etat
    9 dni
    Responsibilities: Oversees the status of DP compliance and carries out the operational aspects of the mitigation plans to meet Aon's DP requirements; Works with BUs to maintain and update records of processing activities (RPA), conducts annual reviews in line with Aon procedures, ensures the...