Join a team recognized for leadership, innovation and diversity Advanced Cyber Security Researcher (Penetration Testing) – Krakow, PL.
Honeywell is seeking an Advanced Cyber Security Researcher (Penetration Testing) to join growing team of leaders responsible for the establishment and maintenance of security development lifecycle best practices within Honeywell Aerospace business. This is a hybrid role, 3 days in office, 2 from home.
The Advanced Cyber Security Researcher reports to the Product Security Assurance Leader and will be responsible for assessing and evaluating the security posture of a variety of Honeywell Aerospace Products and partner technologies. This role will be responsible for security services delivery, which may include use of application, network, firmware, mobile, hardware security toolsets, detection of security defects, and remediation consultation of those weaknesses. Our services support the identification of potential attack techniques and serve as the foundation for continuously improving the product development lifecycle.
In this key position, the Advanced Cyber Security Researcher will:
Collaborate as an Individual Contributor with the Product Security Assurance Team.
Deliver Security / Penetration Testing across divers Honeywell Aerospace products, solutions and services.
Assist in the development of modular, repeatable, effective Security Testing processes.
Partner with Tools and Technology Team to select, implement, develop, and automate testing with appropriate tools.
Work with cross functional teams to develop remediation suggestions.
Report product security observations using the Honeywell standardized reporting structure.
requirements-expected :
Due to compliance with PL export control laws and regulations, candidate must be a PL Person, which is defined as, a PL citizen, a PL permanent resident, or have protected status in the PL under asylum or refugee status.
3 years demonstrated experience in penetration testing, red teaming or offensive operations.
Must be a PL or EU Citizen with the ability to obtain and maintain a security clearance.
Exposure to hardware, embedded systems, IoT, and ICS/SCADA security testing.
Understanding of application protocols, development, and common attack vectors.
Good cybersecurity capabilities and strong software engineering skills.
Experience with security testing at Layer One of the OSI Model and concepts such as: logic analysis, electric diagram analysis, UART, JTAG, SPI, and firmware analysis and debugging.
Scripting experience in Python, PowerShell and Bash preferred.
Basic understanding of security by design principles and architecture level security concepts.