ABOUT THIS FEATURED OPPORTUNITY
The Penetration Test Security Engineer reports to the Product Security Assurance Leader and will be responsible for assessing and evaluating the security posture of a variety of Products and partner technologies. This role will be responsible for security services delivery, which may include use of application/network/firmware/hardware security toolsets, detection of security defects, and remediation consultation of those weaknesses. Our services support the identification of potential attack techniques and serve as the foundation for continuously improving the product development lifecycle.
THE OPPORTUNITY FOR YOU
In this key position, the Senior Pentest Security Engineer will…
- Collaborate as an Individual Contributor with the Product Security Assurance Team
- Deliver Security / Penetration Testing across Honeywell Global Security products, solutions and services
- Assist in the development of modular, repeatable, effective Security Testing processes
- Partner with Tools and Technology Team to select, implement, develop, and automate testing with appropriate tools.
- Work with cross functional teams to develop remediation suggestions
- Report product security observations using the Honeywell standardized reporting structure
KEY SUCESS FACTORS:
- Bachelor’s degree
- 2+ years demonstrated experience in penetration testing.
- Able to be onsite 3 days/week (flexible on days preferred)
- Able to be flexible to global team hours as needed
- Must be US Citizen.
- Covid Vaccination required to be onsite
- Exposure to security testing within the appropriate domain
- Understanding of application protocols, development, and common attack vectors.
- Good cybersecurity capabilities and strong software engineering skills
- Experience with pentest tools and frameworks such as: Burp Suite, IDA Pro, GHidra, Kali, OWASP, Metasploit.
- Scripting experience in Python, Powershell and Bash preferred.
- Basic understanding of security by design principles and architecture level security concepts
- Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
- Effective oral and written communication skills
- Good interpersonal skills
- Experience in security testing within the appropriate domain
- Demonstrated project management skills.
- Relevant Cyber Security certifications: CEH, OSCP, GPEN
- Experience and knowledge of penetration testing methodologies and tools
- Public speaking at Technical Conferences
- 2+ years of application development
- Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques.
Standard Consultant Benefits (For all Standard Roles)
- Medical, Dental, and Vision plans
- Voluntary Benefits - Commuter