Security Lead

ABB Global Industries and Services Private Limited (GISPL) is a company which has 4 business areas to support ABB projects globally. We have 2000 employees as a part of this company serving in the areas of Research, Development, Engineering center and Regional ERP support center which contributes to ABB’s 4 business areas globally. In 2015 the company name was registered as ABB Global Industries and Services Private Limited (GISPL). ABB Industrial Automation is writing the future of safe and smart operations. With our deep industry knowledge and automation expertise, we understand the needs of our customers and enable them to lead through safer, more productive, and energy efficient operations. This is a Security Lead role, reporting to the Team Manager in Business Area – Industrial Automation (IA) and located in Bangalore. You will be contributing significantly to successful project results in technology and/or product development by identifying, proposing and implementing innovative solutions. Using unique technical knowledge to oversee development tasks.

Responsibilities:

• Driving Cyber security activities for the DCS development stream covering the product portfolio and projects.
• Collaborating with Cyber security engineers within the different development streams and implementing the Cyber security roadmap.
• Working with the product development and project teams in fulfilling Cyber security related directives and requirements for different product offerings.
• Defining and clarifying product and system requirements on Cyber security.
• Working with the projects ensuring adherence to Cyber security practices (e.g. security assessment, threat modelling, static code analysis, system validation, security assurance tests and test plan/strategy reviews, handling of 3rd party software etc.).
• Collaborating with product and system architects in defining and documenting the security architecture of the product.
• Performing product design reviews throughout the development lifecycle focused on Cyber security compliance.
• Conducting security assessments for the products and ensuring Cyber security deviations and issues are resolved in collaboration with R&D teams.
• Working with the R&D teams in handling security vulnerabilities and take mitigation actions.
• Providing input about security recommendations to end user documentation and R&D internal documentation.
• Living ABB’s core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business.

Qualification And Experience:

• MCA/ B.E./ B. Tech in Computer Science or Electrical or Electronics from a reputed institution.
• Required 8 to 12 years of strong experience in the field of cybersecurity in Industrial Automation.
• Detailed knowledge about the Security Development Lifecycle (SDL) for Control Systems, Network Security, and Industrial automation systems.
• Hands on experience on developing Application / Web software with encryption / decryption.
• Knowledge on certificate handling technologies and concepts.
• Knowledge about relevant technologies (TCP/IP, OPC, Windows security concepts, understanding of cryptography, understanding of firewall technology, secure design and development etc.).
• Good knowledge of the HTTP/HTTPS protocols, and other protocols associated with web technologies.
• Knowledge of tools (threat modelling, static code analysis, etc.) and relevant security related standards, e.g. IEC62443.
• Experience with cloud computing technologies, virtualization and configuration of IaaS, PaaS and SaaS environments and associated software development environments using Microsoft Azure and/or AWS.
• Experience with port scanning, vulnerability assessment and fuzzing tools such as Defensics, Achilles, Nessus, and Nmap.
• Good knowledge on app and APIs Simple Object Access Protocol (SOAP) and Representational State Transfer (REST) security testing.
• Proficient with one of the scripting languages such as shell, python, ruby etc. is a plus.