TS Security Engineer - Cyber Security Engineer
UL Solutions
- Mumbai, Maharashtra
- Permanent
- Full-time
- Under supervision, implement sophisticated attacks requiring multiple techniques such as vulnerability analysis, signal processing, physical attacks, and others.
- Undertake security evaluation attacks on embedded systems.
- The main activity will be the real product analysis with the aim to highlight its strengths and weaknesses.
- Work closely with customers to meet their requirements; including producing expertise reports on the findings.
- Follow-up with the latest technical developments in the physical and logical attacks area that need to be contributed to the internal R&D developments in hardware and software to enhance the level of our attacks and to explore new forms of attacks.
- Read and follow the Underwriters Laboratories Code of Conduct and follow all physical and digital security practices.
- Performs other duties as directed.
- Test plan and testing experience in a broad range of network security protocols both IPV4/IPV6.
- knowledge of Network Defense, Proxy, Firewalls, and Authentication Servers (LDAP, RADIUS, Local Auth etc.,)
- Hands on Security protocols - Captive Portal, Port Security, VPNs, IPSEC, DOT1x,Web Auth and EAP Methods.
- Penetration tests and vulnerability assessments on computer systems, networks, and applications to identify potential security risks and vulnerabilities.
- Knowledge of cryptographic encryption algorithms, key exchange algorithms, hashing/message authentication algorithms, PKI, random number generators, TCP/IP, SSH, HTTPS, SSL/TLS, IKE etc.
- Tools experience is desirable, exposure to any or all these tools IXIA, Wireshark, Burp Suit, Hydra, Fuzzers, Nmap, Nessus, etc.
- Experience building testing environments, performing testing and reporting results (technical writing).
- Excellent written/oral communication skills and strong analytical and problem-solving skills.
- Knowledge of OpenSSL, OpenSSH and/or OpenPGP.
- Vulnerability Analysis and/or penetration testing experience/expertise.
- Knowledge of various programming languages (C, C++, Python & Scapy) and development environments.
- Security Certification is an CCNA/CCNP and CEH along with VPAT knowledge and ISO 27000
- Knowledge of OWASP TOP 10 and CWE Top 25 is additional good to have along with X.509/Digital certificates and their attributes as well as protocols such as CRL and OCSP.
- Self-motivated individual with the ability to collaborate and work in a high-performing team with eagerness to learn.