Security V&V Tester Job Vacancy in Schneider Electric Bengaluru, Karnataka – Updated today

Are you looking for a New Job or Looking for better opportunities?
We got a New Job Opening for

Full Details :
Company Name : Schneider Electric
Location : Bengaluru, Karnataka
Position :

Job Description : Security V&V Tester

The DEVS organization of Schneider Digital is serving Energy Management business & delivers a suite of software applications to perform commissioning of a switchboard consisting of edge and core electrical & network devices. These applications include the EcoStruxure Power Commission Desktop & Mobile apps and Cloud Commissioning that serves as a common cloud backend for these apps. We are looking for a talented Security Verification & Validation Pen Test Engineer to join our R&D team.
The Security V&V Engineer will be responsible to ensure that the correct level of security is applied to the apps and that no serious security defects are released in the app.
This position is well suited to a collaborative proactive individual who enjoys working closely with technical team members in a fast-paced environment to ensure security is integral to the software and is not an afterthought. Strong knowledge of security tools and testing is required.

Job Description:

Ensure that the software apps meet their security requirements
Understand the threat model of the software apps and ensure known threats are mitigated
Penetration testing of software apps (including desktop, mobile, cloud and web) using various ethical hacking methods (fuzzing, flooding, OWASP Top 10, SANS Top 25 & etc).
Efficient and effective usage of pen test tools , Methodologies as well as demonstrate less dependency on tools.
Good grip on scripting languages, preferably python/Ruby
Use the software apps & work on exploiting the connected devices which use variety of network protocols of like Modbus TCP/IP, Modbus Serial, REST APIs, etc.
Learn and apply wide variety of security and IT/OT technologies to enhance Penetration testing.
Document and report result to project teams and stakeholders

Qualifications
Job Requirements:

Able to translate high level requirements from PM/PO into a list of real functional and testable requirements.
Participate in the Threat Modeling Process & document tests for the requirement that will be produced
Know the basics of running fuzzers and vulnerability scanners
Know-how to use the CVSS scoring tool for security bugs.
Understand the STRIDE failure modes for application security

Required Qualifications:

Bachelors in (CS, ISE, Instrumentation or Electronics) with aggregate of 70% and above.
Good communication skills (verbal and written).
Hands on experience and knowledge of programming languages and web technologies.
Have understanding of protocols like MODBUS, Ethernet IP, OPC etc.
Have exposure to PEN testing concepts and methodologies.
Keen to pursue PEN testing knowledge in IT/OT domain.
Experience range: 5+ years.

Desired Qualifications:
Certifications – Any or combination of OSCP/OSCE/OSWP/GWAPT/GPEN/CEH.
Participated in national/ international cybersecurity conferences.
Participated in Bug Bounty Programs.

Primary Location
: IN-Karnataka-Bangalore
Schedule
: Full-time
Unposting Date
: Ongoing

This post is listed Under  Technology
Disclaimer : Hugeshout works to publish latest job info only and is no where responsible for any errors. Users must Research on their own before joining any company