Systems Security Engineer
Watertown, MA, United States
Applications have closed
Bosch Group
Moving stories and inspiring interviews. Experience the meaning of "invented for life" by Bosch completely new. Visit our international website.Company Description
Bosch Thermotechnology in North America In North America, Bosch Thermotechnology is a leading source of high quality heating and cooling systems. In particular, the company offers BOSCH tankless, point-of-use and heat pump electric water heaters, Buderus floor-standing and wall-hung boilers, FHP geothermal systems as well as smart thermostats, controls and accessories.
Bosch Thermotechnology is committed reinventing energy efficiency by offering smart products that work together as integrated systems enhancing the quality of your life in an ultra-efficient and environmentally friendly manner.
Job Description
As a systems security engineer you will play a key role in the evaluation, support, management, and implementation of security measures pertaining to Bosch Thermotechnology HVAC control and communicating systems. The selected individual will possess some experience in the design and validation of security services executing on different hardware platforms. He or she will assume the role of Project Security Manager for current and future projects, and be responsible for security feature implementation according to the product life cycle for various HVAC connected systems.
Job Responsibilities
- Security reviews for new features, products, technologies, and services.
- Secure design, architecture, implementation, and penetration testing of HVAC connectivity systems.
- Secure development life-cycle (SDLC) practices including threat modeling and security testing.
- Influence decision-makers and stakeholders throughout the TT-CW organization across project teams to achieve a consistently high security bar.
- Assist in security review engagements and lead remediation efforts.
- Create security guidance and documentation (e.g. Security Concept) for development.
- Develop and deliver security training and outreach to internal development teams.
- Develop and improve metrics that drive desired behavior and security outcomes.
- Identify pressing security problems that are amenable to automatic detection. Work to implement new detection techniques and tools.
- Ensure that detected security issues are treated with a level of urgency that reflects their true risk.
- Investigate security issues and identify opportunities for detecting or preventing similar issues with automation.
- Provide guidance to the TT RBU Engineering and third-party development teams on secure coding and development practices.
Qualifications
Basic Qualifications:
- Bachelor of Science in Computer Engineering or Computer Science
- 3+ years of experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- 3+ years knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security
Preferred Qualifications:
Technical Skills
- Desired experience working in the HVAC/Refrigeration industry, with a familiarity of existing HVAC residential and commercial equipment, systems and suppliers.
- An advanced degree is preferred.
- Demonstrated experience collaborating with other security engineers and developers to deliver complex projects.
- Knowledge and experience with cryptography and computer security.
- Knowledge of full life-cycle software engineering practices including coding standards, testing, source control management, and operations.
- Strong demonstrated knowledge of web protocols, common attacks, and an in-depth knowledge of operating systems (OS) tools and architecture.
- Experience with virtualization technologies, especially with AWS services.
- Relevant industry certifications (e.g. AWS Certified Security) a plus.
- Familiarity with Bosch Security Engineering Process (SEP), or similar process, a huge plus.
Soft Skills
- Ability to work with geographically dispersed teams and a diverse cultural environment.
- Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
- Ability to quickly come up to speed on new projects.
- Experience in a startup or high-growth environment is highly desirable.
- Strong communication skills, both written and verbal, with both internal team members and external business stakeholders.
- Able to communicate and present complex technical concepts across technical and non-technical organizations.
- Ability to work with minimal supervision in a lean and fast paced environment.
- Ability to identify a clear set of tasks needed for project planning.
- Creativity and ability to learn quickly are essential.
- Excellent collaboration and teaming skills.
Additional Information
By choice, we are committed to a diverse workforce - EOE/Protected Veteran/Disabled.
Indefinite U.S. work authorized individuals only. Future sponsorship for work authorization unavailable.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation AWS Computer Science Cryptography Network security Pentesting SDLC
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs