Pune, Marshall Islands

What you will do

Consulting with product teams on ‘security by design’ principles across the Software Development Lifecycle to assist Security Architects when conducting product specific security assessments.

Perform static and dynamic code analysis, vulnerability scanning and ethical hacker penetration testing to detect any potential security design flaws or vulnerabilities.

Demonstrating proof of exploit where necessary.

Prototyping and testing countermeasures to defend against attacks where necessary.

Consult and support product teams in mitigating any discovered security design flaws or vulnerabilities.

How you will do it

Perform threat analysis such as monitor vulnerability trends across product ranges, track vulnerability remediation and produce reports at various levels of granularity to product teams and at executive level.

Aid and support in product security incident and response activities.

Perform forensic analysis of any potential incidents here necessary.

Coordinate with GPS for penetration testing engagements for product teams.

Undertake relevant cyber security training courses and attend conferences for example OWASP AppSec, Black Hat, to stay current on latest technologies and evolving threats.


What we look for

Required

Must have B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology

Must have a minimum of 6-8 years cybersecurity experience, preferably in application security, embedded systems security and/or (secure) software development is desired.

Active security certifications such as OSCP, CISSP, CEH, CSSLP or related is desired.

Good understanding of one or more of the following is desired: Linux, programming & scripting languages (such as Java, Python, Perl) and security tools (such as Kali, Zap, Nessus, Netsparker, openVAS, BurpSuite, Metaspolit and so forth).

Ability to work well under minimal supervision.

Requires strong interpersonal, organizational, written and verbal communication skills.

Preferred

Programmers/Full stack developers whom have a demonstrated passion for cyber security and want to pursue cyber security as a full time career path.

Good understanding of one or more of the following is desired: Linux, programming & scripting languages (such as Java, Python, Perl) and security tools (such as Kali, Zap, Nessus, Netsparker, openVAS, BurpSuite, Metaspolit and so forth).

Must be eager to learn a constantly changing field and technology stacks, work in a fast-paced environment with tight development schedules, and partner with product development teams to guide them in meeting security requirements in a way least impactful to their development timelines.

Ability to work with incomplete and ambiguous information to influence system and product direction understanding security and functional requirements.

Pune, Marshall Islands

A GLOBAL LEADER

Johnson Controls -

The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We create intelligent buildings, efficient energy solutions, integrated infrastructure and next generation transportation systems that work seamlessly together to deliver on the promise of smart cities and communities. At its core, that promise is about delivering innovation that make people’s lives – and the world – better.

Johnson Controls is a global diversified technology and multi industrial leader serving a wide range of customers in more than 150 countries. Our commitment to sustainability dates back to our roots in 1885, with the invention of the first electric room thermostat. We are committed to helping our customers win and creating greater value for all of our stakeholders through strategic focus on our buildings and energy growth platforms.

Explore our site to learn how our innovative solutions are driving the future of urban efficiency.