Job description:

JOB DESCRIPTION Cyber Security Consultant - Penetration Tester

Industrial Cyber Security (ICS) Center of Excellence (CoE) in Singapore

Honeywell is charging into the Industrial IoT revolution with the establishment of Honeywell Connected Enterprise (HCE), building on our heritage of invention and deep, on-the-ground industry skills. HCE is the leading industrial disruptor, building and connecting software solutions to streamline and centralize the assets, people and processes that help our customers make smarter, more accurate business decisions. Moving at the speed of software, we are creating, innovating and delivering solutions fast, challenging the way things have always been done, piloting new ways for all of us to work, and expecting our successes to set new standards for our customers and for Honeywell.

We are expanding our cybersecurity Center of Excellence (CoE) and are looking for top talent to meet the challenges of securing today's industrial systems. Our team develops new security solutions for the industrial sector. These solutions are implemented on all industrial control systems (ICS) both internal and across multiple vendors and environments.

The Position:

We are seeking for a technical cyber security consultant with strong penetration testing practice with exceptional analytical capabilities, excellent writing skills, and polished presentation skills. The penetration test consultant will work directly with customers to negotiate and document pre-engagement, travel to site to execute on-site testing or testing of general technology in our global cyber security labs, engage with customers to summarize findings, followed by preparation of testing report. We are pursuing self-motivated individuals to contribute to the development and deployment of our Cyber Security services who are confident, integrative thinkers, results oriented, and customer focused.

The Position requires:

» practice performing security assessment of Information technology and/or OT systems, software, database, or hardware

» Strong knowledge of network design and common IT/OT protocols

» practice performing hands-on network, OS, domain, and application penetration testing

» practice with one or more scripting and programming languages, such as Python, JavaScript, Perl, Ruby, VB.Net, C++, C#, Java, Powershell, etc.

» practice performing manual penetration testing

» practice performing penetration testing using commercial and open source tools

» practice producing high quality pre-engagement documents and comprehensive penetration testing reports

» Research on cyber security trends, testing techniques, best practices, and industry standards

» Knowledge of industrial control system (ICS), DCS, SCADA, PLSC.

» Advanced knowledge of network design, virtualization network design, and network/information security design

» To maintain industrial safety consciousness through the completion of pertinent safety certifications

» To stay current on and maintain proficiency with latest technologies in the cyber security domain

» International travel up to 50%

You Must have:

» Bachelor's degree in a computer related field such as Computer Science, Computer information systems or in lieu of degree 7 years of directly related practice

» One or more of the following certifications:

»

» GPEN or GXPN certification

» OSCP or OSCE certification

We Value:

» 5+ years working practice in penetration testing / ethical hacking of Information technology and/or OT systems.

» 3 years working knowledge in Industrial Control Systems - DCS / PLC / SCADA / SIS systems

» Exceptional diagnostic and analytical skills including problem solving, management of priorities and self-direction to resolve complex issues

» Industrial recognized security certification, such as CISSP, GICSP, CISA, etc.

» 3 years of VMWare Virtualization technology practice

» Knowledge of IT/OT Security Technical regulations and requirements

» Industry standards such as ISA 99, ISO 27000, IEC 62443, NIST SP 800-82

IT Knowledge:

» Expert knowledge of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an knowledge of intrusion set tactics, techniques, and procedures

» practice in LAN architectures & related diagnostic tools

» LAN networking principles and protocols including Ethernet, hubs, switches, Routers, TCP/IP, VLAN, Next Generation Firewall, DMZ, VPN, IDS, IPS

» TCP/IP protocols - SMTP, SNMP, SCP, SSL, HTTP, SSH, SSL

» Common industrial communication protocols - Modbus, Devicenet, Profibus, Foundation Fieldbus, DNP3, and OPC

» Microsoft - Active Directory, DNS, WSUS, Terminal Server, PowerShell

» practice with anti-virus systems, backup & restore solutions, system management

» practice utilizing network analysis tools, What's Up Gold, Solar Winds, etc.

» practice with log collection, management, and reporting

» practice with enterprise and industrial wireless technology

» Working knowledge of open source and commercial penetration testing tools such as Metasploit, Cobalt Strike, Kali Linux, Nessus, Nmap, Nexpose, Wireshark, etc.

COMPANY SNAPSHOT

Average Processing Time More Than 2 Weeks

Registration No. 403507-P

Industry Others

Website https://www.honeywell.com/

Company Size More than 5000 Employees

Working Hours Regular hours, Mondays - Fridays

Dress Code Formal (e.g. Shirts + Ties)

Benefits Medical, Miscellaneous allowance

Spoken Language English

COMPANY PHOTOS »

»

COMPANY OVERVIEW Honeywell creates solutions linked to global macro-trends that improve quality of life for people around the globe — generating clean, healthy energy, and using Information technology more efficiently; increasing our safety and security; enabling people to connect, communicate, and collaborate; and equipping our customers to be even more productive.

The core businesses – Aerospace, Automation and Controls Solutions, and Performance Materials and Technologies – are leaders in their respective industries, driving solutions that make people’s lives better every day. Chances are that there are Honeywell products all around you right now.

With more than 127,000 employees worldwide, including approximately 22,000 engineers, Honeywell has an unrelenting commitment to quality and delivering results in everything we make and do. We are passionate about creating new technologies and take pride in developing solutions that help solve the world’s toughest challenges in the areas of safety, security, energy and growing global wealth per capita.

A career at Honeywell offers infinite possibilities within a diversified, global organization that is helping to help solve the world’s toughest challenges and improving quality of life for people globally. We invite you in our quest.

WHY JOIN US? At Honeywell, we are building a world that’s safer and more secure, more comfortable and energy efficient and more innovative and productive.

Honeywell creates solutions linked to global macro-trends that improve quality of life for people around the globe — generating clean, healthy energy, and using Information technology more efficiently; increasing our safety and security; enabling people to connect, communicate, and collaborate; and equipping our customers to be even more productive.

Our core businesses – Aerospace, Home and Building Technologies, Safety and Productivity Solutions, and Performance Materials and Technologies – are leaders in their respective industries, driving solutions that make people’s lives better every day. Chances are that there are Honeywell products all around you right now.

A career at Honeywell offers infinite possibilities within a diversified, global organization that is helping to help solve the world’s toughest challenges and improving quality of life for people globally. We invite you in our quest.

Skills: