Junior Cyber Security

Competetive SalaryPF and GratuityAbout Our ClientOur client is an international professional services brand of firms, operating as partnerships under the brand. It is the second-largest professional services network in the worldJob DescriptionYour Responsibilities * Design and maintain frameworks for product classification and automated security requirements mapping * Conduct TARAs (Threat Analysis and Risk Assessment) and security assessments for Festo products * Support product teams in automating the generation of SBOMs (Software Bill of Materials) * Develop and execute test specifications, test cases and test plans for vulnerability testing of Festo products * Conduct penetration testing and basic vulnerability assessment of Festo products * Support documentation of test results and collaborate with the development teams * Support the continuous improvement and automation of security testing * Establish and maintain DevSecOps practices within CI/CD environments and develop automation infrastructure * Support the provision of tools and documentation in the context of SAMM (Software Assurance Maturity Model) * Collaborate with product compliance and development teams to implement and maintain product security measures * Support investigation and mitigation of product-related security incidents (PSIRT) Our Requirements * Education: Bachelor's degree in engineering, Computer Science, Mechatronics, Information Science and Electronics, Cyber Security or equivalent * Mandatory Experience: o Min 2 years of experience in product security, ideally in Industrial Automation or automotive field o Programming knowledge in Python and JavaScript o Basic familiarity with different industrial protocols and PLC systems o Experience with CI/CD practices and DevOps o Basic knowledge of Linux * Nice-to-Have: o Understanding of Secure Development Lifecycle and standards like IEC 62443-3 / 62443-4 o Additional knowledge in programming languages such as C, C++ or Shell scripting o Experience with tools like OpenVAS, Nessus, Nmap, Wireshark, embedded or IOT penetration testing o Experience in embedded domain o Experience in Linux hardeningThe Successful ApplicantYour Responsibilities * Design and maintain frameworks for product classification and automated security requirements mapping * Conduct TARAs (Threat Analysis and Risk Assessment) and security assessments for Festo products * Support product teams in automating the generation of SBOMs (Software Bill of Materials) * Develop and execute test specifications, test cases and test plans for vulnerability testing of Festo products * Conduct penetration testing and basic vulnerability assessment of Festo products * Support documentation of test results and collaborate with the development teams * Support the continuous improvement and automation of security testing * Establish and maintain DevSecOps practices within CI/CD environments and develop automation infrastructure * Support the provision of tools and documentation in the context of SAMM (Software Assurance Maturity Model) * Collaborate with product compliance and development teams to implement and maintain product security measures * Support investigation and mitigation of product-related security incidents (PSIRT) Our Requirements * Education: Bachelor's degree in engineering, Computer Science, Mechatronics, Information Science and Electronics, Cyber Security or equivalent * Mandatory Experience: o Min 2 years of experience in product security, ideally in Industrial Automation or automotive field o Programming knowledge in Python and JavaScript o Basic familiarity with different industrial protocols and PLC systems o Experience with CI/CD practices and DevOps o Basic knowledge of Linux * Nice-to-Have: o Understanding of Secure Development Lifecycle and standards like IEC 62443-3 / 62443-4 o Additional knowledge in programming languages such as C, C++ or Shell scripting o Experience with tools like OpenVAS, Nessus, Nmap, Wireshark, embedded or IOT penetration testing o Experience in embedded domain o Experience in Linux hardening