Systems and Controls Technologies group, operating at the headquarters level of CCS and Otis, the two commercial divisions of United Technologies, is seeking a highly motivated and results driven Cyber Security Engineer to join and enhance Product Cyber Security team. The team is responsible for driving product cyber security strategy, to strengthen the cyber security posture of legacy and go-forward CCS and Otis products and services. This position covers different aspects of product life cycle, including pre-development, development and post-release.
UTC products continue providing differentiated features and services by increasing connectivity and harnessing the power of the Cloud, data analytics, IoT and novel integration mechanisms. As UTC continues defining and shaping new markets, the Cyber Security Team will play a crucial role and have direct measurable business impact. This position will be based in Gdansk, Poland as part of the Gdansk Research and Development Center (GRDC). Successful candidate will be required to travel internationally approximately 20% of the time.
Specific functions / essential duties
- Support various global teams across CCS and Otis during the testing phase with a specific emphasis on penetration testing of various types of systems, include embedded systems, IoT devices, mobile applications and large systems
- Work with non-cyber security engineers to explain the impact of security vulnerabilities and provide recommendations on correcting issues as well as mentoring them on secure cyber security design practices
- Work with global teams across CCS and Otis to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber-attacks by ensuring adherence to the integrated secure development lifecycle process
- Work with the global engineering teams to establish cyber security design policies and ensure that these policies are incorporated into product design, with requirements traceability and system validation and verification.
- Interface with global teams and share best practices and lessons learned
- Refine and support the standard work associated with product cyber security incident response management
- Stay updated on latest cyber security hacking news, technologies and methodologies including:
- Latest forensic and incident response methodologies.
- Attend security or hacker conferences and build up a network of associates
- Work in an environment of continuous improvement and lean process and product development.
- Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline (at a minimum)
- 5+ years of cyber security engineering and software systems development experience
- 3+ years solid experience with cyber security penetration test involving both manual as well as use of automated tools. Example tools include Kali Linux, AppScan, Burp Suite
- Experience with reverse engineering and fuzz testing
- Experience with mobile app testing, database testing, protocol testing and certificate management
- Strong product development background with various languages such as C,C++, C#, Java, Python
- Working knowledge of various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems
- Knowledge of different types of security vulnerabilities and safeguards at different layers of hierarchical systems, including the embedded layer and system layer
- Excellent written and verbal communication and presentation skills, including presentation planning and delivery skills. Adept at communicating with globally disperse cross functional teams, including non-native English speaking team members.
- Cyber Security certifications such as OSCP, CEH, CISSP, GSEC is a plus
- Working with a highly talented development team
- Friendly working atmosphere
- Flexible working hours
- Competitive salary
- Relocation package
- Opportunities to enhance English proficiency
- UTC's Employee Scholar Program
- The ability to advance within UTC
- Private medical care
- Pension plan with life insurance
- In house English lessons
- Participation in sport activities
- Lunch allowance
- Clear career path providing development opportunity