Security Lead Job in Abb

This is a Security Lead role, reporting to the Team Manager in Business Area Industrial Automation (IA) and located in Bangalore. You will be contributing significantly to successful project results in technology and/or product development by identifying, proposing and implementing innovative solutions. Using unique technical knowledge to oversee development tasks.

Your responsibilities

• Driving Cyber security activities for the DCS development stream covering the product portfolio and projects.
• Collaborating with Cyber security engineers within the different development streams and implementing the Cyber security roadmap.
• Working with the product development and project teams in fulfilling Cyber security related directives and requirements for different product offerings.
• Defining and clarifying product and system requirements on Cyber security.
• Working with the projects ensuring adherence to Cyber security practices (e.g. security assessment, threat modelling, static code analysis, system validation, security assurance tests and test plan/strategy reviews, handling of 3rd party software etc.).
• Collaborating with product and system architects in defining and documenting the security architecture of the product.
• Performing product design reviews throughout the development lifecycle focused on Cyber security compliance.
• Conducting security assessments for the products and ensuring Cyber security deviations and issues are resolved in collaboration with R&D teams.
• Working with the R&D teams in handling security vulnerabilities and take mitigation actions.
• Providing input about security recommendations to end user documentation and R&D internal documentation.
• Living ABB s core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business.

Your background

• MCA/ B.E./ B. Tech in Computer Science or Electrical or Electronics from a reputed institution.
• Required 8 to 12 years of strong experience in the field of cybersecurity in Industrial Automation.
• Detailed knowledge about the Security Development Lifecycle (SDL) for Control Systems, Network Security, and Industrial automation systems.
• Hands on experience on developing Application / Web software with encryption / decryption.
• Knowledge on certificate handling technologies and concepts.
• Knowledge about relevant technologies (TCP/IP, OPC, Windows security concepts, understanding of cryptography, understanding of firewall technology, secure design and development etc.).
• Good knowledge of the HTTP/HTTPS protocols, and other protocols associated with web technologies.
• Knowledge of tools (threat modelling, static code analysis, etc.) and relevant security related standards, e.g. IEC62443.
• Experience with cloud computing technologies, virtualization and configuration of IaaS, PaaS and SaaS environments and associated software development environments using Microsoft Azure and/or AWS.
• Experience with port scanning, vulnerability assessment and fuzzing tools such as Defensics, Achilles, Nessus, and Nmap.
• Good knowledge on app and APIs Simple Object Access Protocol (SOAP) and Representational State Transfer (REST) security testing.
• Proficient with one of the scripting languages such as shell, python, ruby etc. is a plus.