As an Engineer, you will be part of a team that is responsible for business and customers’ success. Key objectives include ensuring customers’ products, inclusive and notwithstanding of software, hardware and related components having the appropriate security mechanisms in place.
Key Responsibilities:
- Perform cybersecurity assessments on Consumer, Industrial and Medical related products and systems.
- Evaluate and perform attack surface analysis on IoT products and respective network and systems.
- Conduct Vulnerability Assessments and Penetration Testing (i.e. Web, Mobile, Cloud and API) in accordance to various standards on products and systems.
- Develop testing specifications and methodology based on international standards.
- Conduct source code reviews and threat modelling pertaining to products
- Research and keep up to date with the current threat landscape, attack vectors and testing techniques with regards to IoT technologies
- Collaboration across various teams to ensure comprehensive service delivery.
- Product conformity testing on any of the following requirements but not limited to:
- IoT cyber security requirements (ETSI EN 303 645, NIST IR 8259A, CSA CLS, IMDA TS RG-SEC, etc.)
- OT cyber security requirements (IEC 62443 series, ISASecure, etc.)
- Medical products cybersecurity requirements (MDR, FDA, IEC 81001, etc.)
Key Requirements:
- Diploma or Degree in Electrical & Electronics/Computer/Information Engineering or Computer Science, Information Systems/Security or equivalent.
- At least 4 years of experience relating to cybersecurity and/or products-based technologies.
- Familiarity with testing frameworks such as OWASP Top 10, PTES, OSSTMM, MITRE
- Knowledge of networking and communication protocols, where Professional certification in Comptia Sec+, Network+ or equivalent is good to have.
- Professional certification such as CREST, OSCP, eCPPT, eMAPT, GPEN, PenTest+ would be an added advantage.
- Good understanding and knowledge of IoT-based technologies and architecture.
- Hands-on experience in performing vulnerability assessments and penetration testing.
- Results and service-oriented individual who possesses initiative, good communication and written skills.
- A proactive team player with the ability to work independently and within the team in complex projects with variable timelines.
- On the job training will be provided as required