Security Engineer  (Remote)

We are in search of our next (two)great hires, as a dynamic Engineer with exposure to cybersecurity, and/or a seasoned CyberSecurity Engineer with a passion for security to come join our growing team.

You will be designing & implementing security solutions for our clients on a global scale, across multiple verticals. This role will be fully remote for one (1) year, then transition to one of our site locations in Quakertown Pennsylvania, 1-2 times per week, as needed. We would consider a fully remote candidate, coordinating efforts through virtual touches and travel as needed. Meaning if your gifted and disciplined we would consider taking on a team member based out-of-state to work fully remote.

The Security engineer will provide guidance, analysis, and auditing to product development organizations in the field of Automation Cybersecurity.  You will be charged with the development and growth of our automation cybersecurity business.
 

Preferred Experience

• Preferred experience with two (2) of the following areas: software development, network infrastructure and/or product development
• Knowledge, experience in developing software that is secure by design
• Experience creating security threat models for products or system
• Knowledge of the causes of security vulnerabilities and how to prevent them
• Knowledge of and experience following a secure development lifecycle
• Understanding of security concepts such as identification and authentication, symmetric and asymmetric encryption, secure boot, and PKI
• Exposure to IEC 62443 standards, a plus.
• Knowledge of Networking and communication protocols
• Experience in Penetration Testing or other security related testing such as, software composition analysis, static analysis, abuse case testing, and known vulnerability scanning.
• Ability to communicate effectively, both verbal and written being fully proficiency.

Duties
 

The Security Engineer will be responsible for providing Automation System Cybersecurity related services.

The primary duties will include the following:

• Undertake training as required to improve skill set with cyber-security as directed by business needs.
• Review, understand, and critique the IEC 62443 automation cybersecurity standards.
• Visit development organization virtually and onsite to determine the software processes used to create their software and advise/explain what improvements, if any, are needed to meet IEC 62443 security development requirements.
• Explain and teach cybersecurity development process requirements.
• Review and understand hardware/software designs to verify the security features of those designs.
• Audit completed projects to assess if their processes used and resulting designs meet the requirements of the cybersecurity certification scheme.
• Review and understand security testing on products and systems in order to assess if meeting security standards.
• Present at technical conferences, symposiums and support business development efforts as needed, not required-preferred.
• Compile proposals and budgets when required.
• Travel within the US as needed, some international although limited, if at all. Domestic travel 5-15%. Year one (1) nearly fully remote from home, while customer interactions be held virtually through MS Teams.
• Produce white papers, blogs, webinars and new training material on cyber security products/services when required, as needed

Education

• Bachelor’s Degree in computer science, Computer Engineering, Networking, Cybersecurity, Electrical Engineering, or equivalent years of experience.

• Professional certifications preferred, not required: IEC, CISM, CISA, CISSP, GICSP, CACE, CACS, CSSLP or equivalent years of experience.