Wabtec - Embedded Software Engineer - Cyber Security (7-10 yrs)

Job Summary :

As a Security Software Designer, you will be responsible for designing, developing, and implementing software solutions that protect systems and networks from cyber threats. You will work closely with cross-functional teams to ensure that security is integrated into every phase of the software development lifecycle.

Primary responsibilities :

1. Carry security assessment Complying to Wabtec CATO requirements on Embedded Product Using Threat Model, Threat & Risk Analysis and vulnerability analysis.

2. Bring up the Security Architecture and Design as per the Need of the project to mitigate/Remediate the threats and Get final Cybersecurity approval for Release.

3. Design and Develop the Secure Embedded software applications

4. Analyze and propose mitigation for Security scan results - SAST, DAST,SCA and FST requirements.

5. Collaborate with Development team of Different Product lines to propose and integrate the secure Practices in product design lifecycle

Qualification / Requirement :

- Bachelor's/Master's degree in CS/E&C/IS with Overall Working experience of 8+ Years in Embedded System with Cybersecurity

- Proven experience in Secure software design development with security practices.

- Strong understanding of security protocols, cryptography, and secure coding techniques.

- Excellent problem-solving skills and attention to detail.

Essential Requirements :

- Very strong technical knowledge on Secure Embedded system Design and Implementation in Bear Metal & Embedded Linux - Secure Boot, Serial, USB, Ethernet and IoT

- Hands experience with Programming Language C, C++ and Python

- Secure Design Patterns & Principles, Standards IEC62443, NIST 800 Standard OWSAP, CWE

- Working experience with Network Protocols, network Infrastructure and services in Embedded Linux Firewalls, Router, Switches, VPN, HTTP, SSH, SFTP, FTP, TFTP, SNMP, SNMP, DHCP, MQTTS, NTP etc

- Cryptographic Concept - Storage of passwords, accounts, keys, Certificates use, Crypto Key Management, Key Generation and Key Usage

Desired Requirements :

- Sound Knowledge on the Network Security Protocols HTTPS, SSL, TLS

- Authentication and Authorization

- Gitlab Repository and Pipeline Concept

- Design and Development experience in FPGA, PLC, Cloud and IOT based secure systems

- Study and Propose best Security design Solution to meet the project needs

- Understand and comply to customer proposed security Requirements and Standards

- Risk Assessment

- Security Scan tools Knowledge Polaris, Blackduck etc.

- Ability to perceive the system knowledge and Analyse the Threat Surface and Vector of threat

- Proficient enough to Propose and Conceptualize the Security solution based on the Technology domain

Work Model : Hybrid (3 Days a week), May change from time to time based on the Organization policies

Travel : Domestic/International- Minimal Based on project need

Physical Requirement :

- Shall be able to be work on hybrid model at Bengaluru facility and collaborate with team members

- Efficient enough to work long hours on Laptop/System as required by project needs.