Cybersecurity Engineer

Join Solar Turbines!

As a Cybersecurity Engineer, you will work at the intersection of Defensive Measures, Security Operations and Monitoring, and Cybersecurity Response.

This will include the operation execution of cybersecurity vulnerability management, assessing the likelihood of exploitation and any potential impacts to the safety and effectiveness of Solar Digital’s devices and applications. Additionally, this role will be responsible for the design and development of solutions to mitigate any Cybersecurity risks assessed against Solar Digital’s infrastructure, devices and applications.

This role will also assist with providing solutions and designs, ensuring compliance with stated governance and controls, support incident response efforts and other various tasks to support the various Cloud technology stacks, applications, and services utilized by the enterprise.

The engineer should be comfortable working independently with guidance from a Cybersecurity Architect/Senior Cybersecurity manager and amongst a team.

What will be your task at this position?

Responsibilities include one or more of the following:

· Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the Solar Digital’s data, systems, and networks.

· Participating in the change management process by reviewing release work items (RWI)

· Testing and identifying network and system vulnerabilities / Work with the GIS/CAT security team to perform tests and uncover network/application vulnerabilities.

· Automation of security controls and support to application development teams throughout the secure software development life cycle (S-SDLC) on a variety of security domains

· Responding to all system and/or network security breaches.

· Ensuring that Solar Digital’s data and infrastructure are protected by enabling the appropriate security controls

· Participate in application threat modeling and attack and penetration testing activities

· Conduct cybersecurity risk assessments of Solar Digital/Caterpillar developed and purchased applications (incl. CSIRT reviews)

· Perform/participate in Log Analysis for/with teams

· Develop best practices and security standards for the organization

· Understand various standards and regulatory compliance requirements (such as SOC-2, ISO 27k,IEC62443)

· Participate in the construction of a “cyber-safe culture” within the company by supporting the various teams and customers in the implementation of good safety practices

· Daily administrative tasks, reporting, and communication with the relevant departments in Solar Digital/Solar Turbines

· Employee is also responsible for performing other job duties as assigned by Solar Digital management from time to time

· You have advanced English and communication skills (B2/C1): clear and concise communication; able to address stakeholders of different backgrounds and technical expertise

What do we expect from a suitable candidate?

Basic qualifications:

· Bachelor's Degree or relevant experience in Cybersecurity, Computer Engineering, Information Technology, Information Systems or related field

· Proven record of strong technical understanding (penetration & vulnerability testing, Identity & Access Management, Application security & encryption technologies)

· 3 years or more of relevant industry experience

· Strong understanding of Agile methodology, preferable Scaled Agile Framework

· High level experience with computer network penetration testing and techniques

· Ability to identify and mitigate network vulnerabilities and explain how to avoid them

Top candidates will also have:

· Interest in working collaboratively with engineering leadership, product owners, software developers and other key stakeholders.

· Ability to work independently without any (or minimal) degree of supervision.

· Passion for technology and an eagerness to contribute to a team-oriented environment

· Some degree of Cloud experience

· Pro-active thinking - being flexible and creative

· Self-motivated mentality - individual with passion in latest technology trends

· Strong communication skills and the ability to collaborate with other team members

· Ability to adapt quickly to a complex environment

· Experience with secure coding practices (SDLC), DevSecOps, Pen testing and Threat modeling

· Triaging, categorization & escalation of vulnerabilities

· Understanding of OWASP Top 10 (Web, Mobile & API), SANS 25, CVE's

· Proficient experience with leading vulnerability management tools

· Have basic programming language skills (Java or .Net or Python) and scripting skills (Python, Powershell, Bash)

· Have an associate-level IT certification from a vendor such as Cisco, CompTIA, AWS, ISC2 or another, ideally in the cybersecurity/information security field. Other IT-related certifications are also welcome

What is Solar Turbines offering to you?

• Excellent professional growth and career opportunities in an international environment of a worldwide leader in a very exciting and growing sector of industry
• Generous pension Plan - Company Contribution to III. Pillar
• Life Insurance
• Extra 5 days’ vacation per annum on top of the legislative entitlement
• Employee assistance program for employees and their family members
• Employee Referral Program
• Volunteering Day benefit
• Flexible working hours
• Remote Work / Home Office