Informacje o stanowisku

about-project :

• Honeywell is seeking a Senior Cyber Security Researcher (Penetration Testing) to join growing team of leaders responsible for the establishment and maintenance of security development lifecycle best practices within Honeywell Aerospace business. This is a hybrid role, 3 days in office, 2 from home.
• The Senior Cyber Security Researcher reports to the Product Security Assurance Leader and will be responsible for assessing and evaluating the security posture of a variety of Honeywell Aerospace Products and partner technologies.  This role will be responsible for security services delivery, which may include use of application, network, firmware, mobile, hardware security toolsets, detection of security defects, and remediation consultation of those weaknesses.  Our services support the identification of potential attack techniques and serve as the foundation for continuously improving the product development lifecycle.

• Collaborate as an Individual Contributor with the Product Security Assurance Team
• Deliver Security / Penetration Testing across divers Honeywell Aerospace products, solutions and services
• Assist in the development of modular, repeatable, effective Security Testing processes
• Partner with Tools and Technology Team to select, implement, develop, and automate testing with appropriate tools.
• Work with cross functional teams to develop remediation suggestions
• Report product security observations using the Honeywell standardized reporting structure

• YOU MUST HAVE
• Bachelors degree Comp Science, Cyber Sec, SW Engi
• 3 years demonstrated experience in penetration testing, red teaming or offensive operations.
• Must be a PL or EU Citizen with the ability to obtain and maintain a security clearance.
• WE VALUE
• Exposure to hardware, embedded systems, IoT, and ICS/SCADA security testing
• Understanding of application protocols, development, and common attack vectors.
• Good cybersecurity capabilities and strong software engineering skills
• Experience with security testing at Layer One of the OSI Model and concepts such as: logic analysis, electric diagram analysis, UART, JTAG, SPI, and firmware analysis and debugging.
• Scripting experience in Python, PowerShell and Bash preferred.
• Basic understanding of security by design principles and architecture level security concepts
• Effective oral and written communication skills
• Demonstrated project management skills.
• Relevant Cyber Security certifications: CEH, OSCP, GPEN
• Experience with pen test tools and frameworks such as:  Burp Suite, IDA Pro, GHidra, Kali, OWASP, CWE

• Market-specific training and ongoing personal and professional development with support of experienced leaders
• Extra-week of holiday, semi-flexible working hours
• Benefit portfolio including Multisport card for free or discounted access to sports and leisure facilities, global partnership and discounts and more

Kraków - Oferty pracy w okolicznych lokalizacjach