The Honeywell UOP Digital Technologies organization currently consists of passionate engineers who strive to demonstrate excellence in the field of Transformative Software Development. We are not only responsible for the productivity of UOP’s Engineering Community through tools and connectivity, but also responsible for leading software innovation across the UOP business unit. The Digital Technologies organization is a startup within the enterprise where you will have an opportunity to help define standard practices for the entire organization, be a key leader in this important area of growth and share your experiences and learnings to a global community of engineers and managers.KEY RESPONSIBILITIES
.Security policy implementation for all web and windows applications
.Lead Security Audits
.Interface with Enterprise IT and provide distilled, clear policy implementation for team.
.Promote Security standards and guidelines laid by Enterprise IT team.
.Work with Application teams to implement agreed security standards.
.Metric development/reporting
.Risk/OPP development and management
Building and managing IT standard work to establish a governance model and management operating system for cyber safety compliance efforts. You will coordinate working sessions with IT process and IT service owners to drive continuous improvement, issues remediation and effective management of risk. You will establish standard artifacts to be leveraged for cyber safety functions in support of their efforts. You will manage project documentation for process engagements to make sure required PMO documentation is consistently updated per PMO standards. Working sessions with asset owners to identify adherence and gaps to the IT process areas.Key Responsibilities
HTSIND2020
You must have
Bachelor’s degree in computer science engineering or equivalent
Should possess excellent verbal and written communication skills
Atleast 7+ years of experience in software engineering domain and 3 years in application security domain
Expert level understanding on security threats such as XSS, CSRF, DOS & DDOS, SQL Injection, Buffer overflow etc.
Expert level understanding of application development Security Errors: SANS 25
Experience implementing compliance with OWASP, ISO27002 frameworks
Static code analyzer audits for identification of vulnerabilities, recommendation of elimination, and setting standards.
We value
In depth understanding of latest and top web application security risks and threats, theory, how it’s done and how to prevent.
In depth understanding of data security and safety technologies (products, algorithms, and processes) and international laws and standards.
Solid knowledge on networking, common and secured network protocols.
Solid knowledge and development experience using OAuth2.
Proven development experience fixing/patching security vulnerabilities.
Experience conducting and driving security reviews.
Experience implementing RBAC systems.YOU MUST HAVE
WE VALUE