Are you a cyber security professional who desires to make a difference in the security of products? Someone who wants to drive real improvements into real products by using black hat techniques to understand risk? We are looking for a talented penetration tester, comfortable seeking out both hardware and software vulnerabilities across a diverse product portfolio.
Honeywell Global Security (HGS) is focused on integrating security into all aspects of our business to protect the people, processes, and assets by which Honeywell achieves its greater mission. Join a team that is focused on identifying and protecting the information, processes, formulas, techniques, methods, and know-how critical to Honeywell’s competitive capability.
- Go beyond traditional scanner-based penetration testing methods
- Use experience and creativity to drive your manual penetration testing efforts
- Find all the vulnerabilities, exploit the ones that are fun
- Partner with development teams to remediate cyber security issues
- Purple team exercise to quickly improve security posture
- Participate in select, high profile penetration testing projects with executive report outs
- Bachelors degree
- 7 years of cyber security experience
- 3 years of penetration testing experience
- Must be a US citizen
- Ability to write detailed security reports
- Ability to verbally communicate security issues to both technical and non-technical people
- Penetration testing experience, especially if focused in the device space
- Extensive knowledge of ARM-based microcontrollers and how to attack / defend devices based on them
- Experience exploiting hardware-level security features such as Secure Boot, Encrypted Storage, or communication protocols
- Professional software engineering experience in Java, Python, or C.
- Public speaking at security conferences like BlackHat, Defcon, BSides, Recon.
- Deep understanding of reverse engineering
- Familiarity with secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response
- Understanding of security by design principles and architecture level security concepts
- Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
Vacancy Type: Full Time
Job Location: Minneapolis, MN, US
Application Deadline: N/A