Cyber Security Engineer / Analyst
GreenFoot Technologies - Raleigh, NC

This job posting is no longer available on GreenFoot Technologies. Find similar jobs: Cyber Security Engineer jobs - GreenFoot Technologies jobs

Our client, currently a global leader in AMR/AMI/Smart Grid Solutions, is looking to hire an experienced mid to senior-level Product Security Engineer to ensure that our embedded software, networking, and applications are designed and implemented to be secure. If you enjoy testing hardware, software and services from a security perspective, and you are experienced at discovering subtle security issues that appear under new threat scenarios, this position will provide you with a challenging opportunity.

Product (Cyber) Security Engineer / Analyst

Key Functions

Evangelize secure development practices to the product development teams

Perform security design sessions on new and updating products

Perform risk and threat analysis of products

Conduct device and application-level vulnerability and penetration testing

Work with product teams conducting security code-reviews on many of Itron's solutions

Work closely with our software, system, and network engineers to enhance our security posture

Duties & Responsibilities

Identify potential threats and work with engineers to make recommendations and implement cost effective security controls to meet market security requirements and address security deficiencies and issues.

Monitor, evaluate, and maintain systems and procedures to ensure our products remain secure.

Research, recommend, and implement changes to systems and procedures to enhance product security.

Develop and conduct periodic product security tests and audits.

Perform analysis on newly proposed product features and provide working solutions to resolve and security related issues.

Communicate security requirements and procedures to all stakeholders.

Coordinate with and support Development and other stakeholders as appropriate.

Communicate to the market, trade groups, partners and customers, the security landscape and roadmaps as appropriate.

Recommend and drive secure development and test practices into our product development organizations.


Experience: This position requires a minimum of 8 years totals years of experience in security architecture with the following:

Minimum of 5 years of software development experience using C, C++, and/or .Net programming languages.

Minimum of 3 years of experience with either Python or PERL

Minimum of 3 years of experience as a systems security engineer or architect.

Minimum of 2 years of embedded and/or device driver implementation.

Education: Bachelor's degree or equivalent experience Computer Science/MIS/Engineering preferred.

Certification(s): CISSP or GIAC certifications preferred

Preferred Skill Sets and Experience:
Versed in all aspects of UNIX, Windows, and network security.

Experience with or knowledge of the configuration, operation, and management of firewalls, VPN, SSH, PKI, Wireless, and vulnerability assessment tools.

Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, and applied cryptography

Strong experience in web-application security

Experience with service-oriented architecture and web services security

Experience with the application of threat modeling or other risk identification techniques

Detailed knowledge of application-level security vulnerabilities and remediation techniques, including penetration testing and the development of exploits

Solid understanding of technology best practices (operating systems, network and computer operations, production support, and information security).

Working knowledge on creation and implementation of client and server side SSL certificates..

Experience working in complex and integrated solutions, preferably including sensors or mobile field devices along with back-office data processing systems.

Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)

Understanding of Federal Information Process Standards related to security and FIPS certification is desired.

Understanding of NERC CIP standards is desired.

Excellent written and verbal communication skills

Excellent leadership skills and teamwork skills

Results oriented, high energy, self-motivated