Honeywell International Inc.
PenetrationTester Job Description/Skill Requirements
As a Penetration Test Product Security Engineer at Honeywell, this isyour opportunity to:
Develop and deliver modular, repeatable and effective cyber security testing across Applications (Web/Mobile), Network (Wireless/Cloud), IoT, and Physical products
Test infrastructure with multi-pronged, controlled, focused attacks, on-prem and in the cloud, in order to detect cybersecurity weaknesses.
Find creative ways to display the impact of detected weaknesses in infrastructure and applications.
Partner with Security Architects and software development teams to gather information and conduct penetration tests.
Responsible for writing and reviewing formal penetration test reports documenting the details of a penetration test and all vulnerabilities, potential issues, and strengths found during the test.
Communicate complex technical concepts to both technical and non-technical co-workers in a clear and concise manner.
Take ownership of product security product deliverables ensuring both timelines and requirements are met.
YOU MUST HAVE
Bachelor’sdegree in computer science or software engineering, or equivalent
5+ years ofpenetration testing experience
A strong understanding of basic Azure cloud infrastructure and services.
Experience with internal and external network penetration tests on external web services applications, wireless, mobile and network penetration tests.
Experience with various commercial, open-source, and freeware penetration test tools such as:Backtrack/Kali Linux, Burpsuite, Metasploit, Netsparker, Acunetix, Nessus, etc
Comfortable using, configuring, troubleshooting, and administering one or more of the following, Unix, Linux, Mac OSX, and Windows operating systems.
Scripting experience with Python, bash, Powershell, Perl, etc.
Have knowledge and experience in OWASP Top 10.
Good cyber security capabilities including application protocols, development, and common attack vectors.
Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques.
Ability to script advanced attacks.
Ability to 'fuzz' applications and protocols for new vulnerabilities and able to fully exploit newly discovered vulnerabilities.
Ability to discover advanced logic flaws and multiple step architectural errors.
Experience and knowledge of penetration testing methodologies and tools.
Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities.
Strong understanding of offensive and defensive security, including offensive evasion and defensive detection techniques.
Advanced working understanding of information gathering techniques and processes.
Understanding of SAFe Agile software development practices
Certified Ethical Hacker (CEH) or Certified Penetration Tester (CPT) or Certified Offensive Security Professional (OCSP) or equivalent certification
A Job posting does not exist for this global job code, please work with your HRG to develop one
- JOB ID: HRD114027
- Category: Engineering
- Location: HW Camp II,Bldgs 9A&9B,Plot C2,RMZ Ecoworld,Varturhobli,Sarjapur Marathahalli Outer Ring Road,Bangalore,KARNATAKA,560103,India
Email this job
Send this job to yourself or a colleague.
Sign up for alerts and get notified when jobs like this are posted.
Enter Email address
Get tailored job recommendations based on your interests.
Join The Talent Honeywell Community
Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.