Honeywell Industrial Cyber Security Penetration Tester in Singapore, Singapore
Industrial Cyber Security Penetration Tester
Innovate to solve the world's most important challenges
Honeywell is charging into the Industrial IoT revolution with the establishment of Honeywell Connected Enterprise (HCE), building on our heritage of invention and deep, on-the-ground industry expertise. HCE is the leading industrial disruptor, building and connecting software solutions to streamline and centralize the assets, people and processes that help our customers make smarter, more accurate business decisions. Moving at the speed of software, we are creating, innovating and delivering solutions fast, challenging the way things have always been done, piloting new ways for all of us to work, and expecting our successes to set new standards for our customers and for Honeywell.
We are expanding our cybersecurity Center of Excellence (CoE) and are looking for top talent to meet the challenges of securing today’s industrial systems. Our team develops new security solutions for the industrial sector. These solutions are implemented on all industrial control systems (ICS) both internal and across multiple vendors and environments.
We are looking for a technical cyber security consultant with strong penetration testing experience with exceptional analytical capabilities, excellent writing skills, and polished presentation skills. The penetration test consultant will work directly with customers to negotiate and document pre-engagement, travel to site to perform on-site testing or testing of general technology in our global cyber security labs, engage with customers to summarize findings, followed by preparation of testing report. We are seeking self-motivated individuals to contribute to the development and deployment of our Cyber Security services who are confident, integrative thinkers, results oriented, and customer focused.
The Position requires:
- Experience performing security assessment of IT and/or OT systems, software, database, or hardware
- Strong knowledge of network design and common IT/OT protocols
- Experience performing hands-on network, OS, domain, and application penetration testing
- Experience performing manual penetration testing
- Experience performing penetration testing using commercial and open source tools
- Experience producing high quality pre-engagement documents and comprehensive penetration testing reports
- Research on cyber security trends, testing techniques, best practices, and industry standards
- Knowledge of industrial control system (ICS), DCS, SCADA, PLSC.
- Advanced knowledge of network design, virtualization network design, and network/information security design
- To maintain industrial safety awareness through the completion of pertinent safety certifications
- To stay current on and maintain proficiency with latest technologies in the cyber security domain
International travel up to 50%
30 Performing hands-on network, OS, domain, and application penetration testing
30 Work directly with customers to negotiate and document pre-engagement
30 Engage with customers to summarize findings
10 Research on cyber security trends, testing techniques, best practices, and industry standards
You Must have:
- Bachelor’s degree in a computer related field such as Computer Science, Computer information systems or in lieu of degree 7 years of directly related experience
One or more of the following certifications:
GPEN or GXPN certification
- OSCP or OSCE certification
- 5+ years working experience in penetration testing / ethical hacking of IT and/or OT systems.
- 3 years working knowledge in Industrial Control Systems - DCS / PLC / SCADA / SIS systems
- Exceptional diagnostic and analytical skills including problem solving, management of priorities and self-direction to resolve complex issues
- Industrial recognized security certification, such as CISSP, GICSP, CISA, etc.
- 3 years of VMWare Virtualization technology experience
- Knowledge of IT/OT Security Technical regulations and requirements
- Industry standards such as ISA 99, ISO 27000, IEC 62443, NIST SP 800-82
- Expert knowledge of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures
- Experience in LAN architectures & related diagnostic tools
- LAN networking principles and protocols including Ethernet, hubs, switches, Routers, TCP/IP, VLAN, Next Generation Firewall, DMZ, VPN, IDS, IPS
- TCP/IP protocols – SMTP, SNMP, SCP, SSL, HTTP, SSH, SSL
- Common industrial communication protocols – Modbus, Devicenet, Profibus, Foundation Fieldbus, DNP3, and OPC
- Microsoft – Active Directory, DNS, WSUS, Terminal Server, PowerShell
- Experience with anti-virus systems, backup & restore solutions, system management
- Experience utilizing network analysis tools, What’s Up Gold, Solar Winds, etc.
- Experience with log collection, management, and reporting
- Experience with enterprise and industrial wireless technology
- Working knowledge of open source and commercial penetration testing tools such as Metasploit, Cobalt Strike, Kali Linux, Nessus, Nmap, Nexpose, Wireshark, etc.
How Honeywell is Connecting the World
- Continued Professional Development
- Job ID: HRD60644
- Category: Engineering
- Location: 17 Changi Business Park Central 1, U01-01/09, #02-01/09, #03-01/09, #04-01/09 & #05-01/05, Singapore, SINGAPORE 486073 SGP
Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status.
Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.
For more information on applicable equal employment regulations, refer to the EEO is the Law poster .
Please refer to the EEO is the Law Supplement Poster & the Pay Transparency Policy .
For more information on how we process your information in the job application process, please refer to Recruitment Privacy Notice .
If a disability prevents you from applying for a job through our website, request assistance here . No other requests will be acknowledged.
Terms & Conditions | Privacy Statement © 2017 Honeywell International Inc.
- Honeywell Jobs