Careers

Cybersecurity Engineer

Posted: Friday, April 09, 2021


Sellersville, PA USA

Role:

To provide guidance, analysis and auditing to product development organizations in the field of Automation Cybersecurity.  The engineer will have a role in the development and growth of exida’s Automation Cybersecurity certification business.  The engineer may represent and promote exida at industry meetings and/or participating in industry committees.

Required Education/Experience:

  • A minimum of 3 years of software product development experience
  • Knowledge and experience in developing software that is secure by design
  • Experience creating security threat models for products or system
  • Knowledge of the causes of security vulnerabilities and how to prevent them
  • Knowledge of and experience following a secure development lifecycle
  • Understanding of security concepts such as identification and authentication, symmetric and asymmetric encryption, secure boot, and PKI
  • Knowledge of Networking and communication protocols
  • Bachelor’s Degree in computer science, Computer Engineering, Electrical Engineering or equivalent

Desired Education/Experience:

  • Experience in Penetration Testing or other security related testing such as fuzz testing, software composition analysis, static analysis, abuse case testing, and known vulnerability scanning.
  • Knowledge of IEC 62443 Series of Standards
  • Any of the following professional certifications:  CISA, CISSP, GICSP, CACE, CACS, CSSLP or equivalent

Responsibilities/Duties:

The Cybersecurity Engineer is responsible for providing Automation System Cybersecurity related services for exida.  

The primary duties will include the following:

  • Undertake training as required to improve skill set with cyber-security as directed by business needs;
  • Review, understand, and critique the IEC 62443 automation cybersecurity standards;
  • Visit development organization offices to determine the software processes actually used to create their software and advise/explain what improvements, if any, are needed to meet IEC 62443 security development requirements; 
  • Explain and teach cybersecurity development process requirements;
  • Review and understand hardware/software designs to verify the security features of those designs; 
  • Audit completed projects to assess if their processes used and resulting designs meet the requirements of the exida cybersecurity certification scheme;
  • Review and understand security testing done on products and systems in order to assess that they meet the requirements of the relevant security standards.
  • Manage and execute projects;
  • Support business development efforts;
  • Present at technical conferences and symposiums;
  • Compile proposals and budgets when required;
  • Travel within the domestically and internationally (when required), sufficient to meet the business goals and targets of exida;
  • Identify potential threats and/or opportunities for exida’s  services and product improvement and/or development;
  • Produce white papers, blogs, webinars and new training material on cyber security products/services when required;
  • Work in a professional and proper manner at all times, representing the best interests of exida.

E-Mail Resume