This position reports to
R&D Team Lead
Your role and responsibilitiesThis role is a part of Device Security Assurance Centre who are a team of security professionals in ABB Ability Innovation Center. We conduct security tests, protocol stack robustness assessment and threat analysis of all ABB devices before they are released for production. DSAC is directly under ABB Group Cyber Security Council which is responsible for coordinating all security initiatives within ABB.Cyber Security Engineer will be responsible for the security and network robustness assessment of embedded devices and host based industrial software, security assessments of web application, API’s and mobile applications, threat analysis of the ABB products from security point of view and in-depth analysis of results and writing technical reports. Also be responsible for evaluating security methodologies relevant for the organization.The work model for the role is: Hybrid #LI-HybridThis role is contributing to the Process Automation Technology Business based out in Bangalore.You will be mainly accountable for:•\tSecurity and network robustness assessment testing of embedded devices and host based industrial software’s, Web applications, API’s and Mobile Apps.•\tThreat analysis of the devices from security point of view.•\tIn-depth analysis of results and writing technical reports.•\tProviding suggestion/fixes for improvement to device/software development teams.•\tEvaluation of new testing methodologies relevant for the organization•\tTesting Wi-Fi and Bluetooth devices for Security vulnerabilities.•\tResearch on testing security of Protocols, interfaces and Technologies used for communication to cloud based platforms and API Security.
Qualifications for the role\tB.E/ B. Tech in Computer Science/ Electronics Engineering and M. Tech in Computer Science(CGPA of 6.5 and above).\tIn depth knowledge of TCP/IP networking and application protocols concepts (knowledge of control communication protocols and technologies is a major plus).\tUnderstanding of software exploitation and common vulnerabilities.\tGood understanding of port scanning, Vulnerability assessment, penetration testing and Fuzzing tools.\tStrong knowledge in web applications scanning, penetration testing and vulnerability Assessment reporting.\tGood knowledge of the HTTP protocol, and all other protocols associated with web technologies\tFair understanding of OWASP Top 10 & SANS 25 Vulnerabilities and their mitigations.\tGood knowledge on Mobile app and APIs (REST, SOAP) security testing.\tProficient with one of the scripting languages such as shell, python, ruby etc. is an added advantage.
More about usABB a provides a comprehensive range of integrated automation, electrical and digital systems and services for customers in the process, hybrid and maritime industries. These offerings, coupled with deep domain knowledge in each end market, help to optimize productivity, energy efficiency, sustainability and safety of industrial processes and operations.We value people from different backgrounds. Apply today for your next career step within ABB and visit www.abb.com to learn about the impact of our solutions across the globe. #MyABBStoryIt has come to our attention that the name of ABB is being used for asking candidates to make payments for job opportunities (interviews, offers). Please be advised that ABB makes no such requests. All our open positions are madeavailable on our career portal for all fitting the criteria to apply. ABB does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection to recruitment with ABB, even if isclaimed that the money is refundable. ABB is not liable for such transactions.For current open positions you can visit our career website https://global.abb/group/en/careers and apply. Please refer to detailed recruitment fraud caution notice using the link https://global.abb/group/en/careers/how-to-apply/fraud-warning.