Security Engineer

Company: Honeywell
Location: Raleigh
Posted on: June 25, 2022

Job Description:

Innovate to solve the world's most important challengesThe future is what you make it. When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers and doers who make the things that make the future. The future is what you make it. When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers and doers who make the things that make the future. That means changing the way we fly, fueling jets in an eco-friendly way, keeping buildings smart and safe and even making it possible to breathe on Mars. Working at Honeywell isn't just about developing cool things. That's why all of our employees enjoy access to dynamic career opportunities across different fields and industries. Are you ready to help us make the future? This Security Engineer position is part of Honeywell Smart Energy, based in Raleigh, NC. Honeywell Smart Energy develops Electric, Gas and Water Smart Metering Systems for utilities in America and world-wide. The Security Engineer role is responsible for ensuring that all assigned software product development and support adhere to the Honeywell Security Development Lifecycle (SDLC), which is built around industry standards and compliance against IEC-62443. The Security Engineer position is integrated within the Tier 3 support team, reporting to a Tier 3 manager within the Product Support organization. The candidate follows established software development and release processes to assure high quality product delivery according to requirements and schedule. - The Security Engineer acts as the interface between the software development team(s) and the Security Leadership, owner of the Honeywell Security Development Lifecycle (SDLC) process. The Security Engineer leads the Planning, Definition, Implementation and Deployment phases of the SDLC. The candidate works within the Tier 3 support team to prepare and submit any required artifacts, conduct reviews with the Security Leadership, obtain approval for each phase and final approval before release. The Security Engineer candidate is an accomplished software engineer, with proven experience designing and developing complex software applications and systems. The candidate has solid security knowledge, comprising detailed understanding of security threats, secure software design principles, secure coding practices and knowledge of cryptographic tools and libraries. -The candidate can review code vulnerabilities, design, and implement fixes. As Security Engineer, the candidate leads the software architecture design and support of the assigned established products and ensures the products meets the security requirements identified during the SDLC planning phase. The candidate has proven experience working with technical teams through all phases of the software development lifecycle. Responsibilities --- - - - - - - Ensure all assigned software products developments adhere to the Honeywell Security Development Lifecycle (SDLC). --- - - - - - - Lead the software architecture design of the assigned products and ensure the products meet security requirements. --- - - - - - - For the software product releases planned for a given release cycle, conduct reviews with the Security Leadership and obtain formal security approval before external releases. --- - - - - - - For the Planning, Definition, Implementation and Deployment phases of the SDLC, lead the Tier 3 team to gather data, perform tasks and prepare reports specified by the security process (example: perform static code analysis review output reports, resolve vulnerabilities). Example of security activities and related deliverables that fall under the responsibility of the Security Engineer are: o - - Security Requirements Specification o - - Security Architecture o - - Privacy Impact Assessment o - - Threat Model o - - Product Security Risk Analysis o - - Static Code Analysis o - - Open Source and Commercial third-party library analysis o - - Secure Coding Practice o - - Security Manual o - - Security Risk Management o - - Security Testing o - - Security Reviews (Checklist) --- - - - - - - Prepare all security artifacts, submit, and track approval through secure portal. --- - - - - - - Coordinate the work of security tester(s) assigned to the team, to specify security test plan, perform tests, review, and record test results. --- - - - - - - Define and track the security review progress. --- - - - - - - Work with Tier 3 manager and team to define plan for release cycles, escalate issues, sort priorities, and address any scheduling impacts. MUST HAVE--- Bachelor or master's degree in Computer Science, Computer Engineering, Electrical Engineering--- 1+ year experience developing complex software applications--- 1+ year of experience with C++ and/or Java languagesWE VALUE--- Cybersecurity certification (example CISSP)--- Previous experience as product Cybersecurity Engineer--- Experience with software development practices--- Domain knowledge of smart metering systems (preferred) or other industrial software systemsHPS202020Additional Information

• JOB ID: HRD166273
• Category: Engineering
• Location: 208 South Rogers Lane,Raleigh,North Carolina,27610,United States
• Exempt
• Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.

Keywords: Honeywell, Raleigh , Security Engineer, Engineering , Raleigh, North Carolina