Innova Solutions is immediately hiring for a Cyber Security Engineer

Position type: Full-Time, Contract
Duration: 12 Month
Location: St. Paul, MN

As a Cyber Security Engineer , you will:
As a Senior Cybersecurity Engineer, you will be responsible for working with other Building Automation System (BAS) controls and software engineering team members to identify business, technology and product risks and vulnerabilities in the early stages and embed security requirements to address and validate them. A lot of this is done by conducting security assessments where the activities will include threat modeling, attack modeling, security DFMEA, vulnerability assessment, triaging, and reporting.

This Sr. Cyber Security Engineer will also collaborate with product architects, system engineers, developers, and testers to implement secure designs by employing secure communications, network/device access control, authentication, authorization, cryptography, audit, forensics, and anomaly and misuse detection to provide information security (integrity, confidentiality, availability, and non-repudiation).

Core Job Responsibilities:

• Define and develop processes and methodologies for designing secure systems.
• Engage with teams to conduct security risk assessments and conform to organizational remediation/mitigation timelines in different phases of the secure product development lifecycle.
• Provide product security support to development teams, including reviewing and explaining security tools and processes, providing vulnerability explanations and remediation guidance.
• Optimize product/system security by creating and reviewing architecture and detailed design solutions that reflect best practices.
• Coordinate product security program metrics and reporting.
• Support ongoing vulnerability and patch management through tracking, triaging, and prioritizing across all products to minimize the potential security risk.
• Help drive system and product requirements to meet the regulatory and compliance requirements (like GDPR, ISO, ISA/IEC, SOC2, FedRAMP)
• Assist with training and mentoring of security champions.
• Partner with third-party vendors to deliver software security tools and services.
• Provide expert consultation on application security requirements and best practices with vulnerability scanning and secure application design.
• Partner closely on security operations tasks with cross-functional teammates in IT, DevOps, Engineering, Compliance, and Test
• Manage 3rd party partners and vendors supplying cybersecurity-related services.
• Identify the design implications within a platform and system and work with teams to minimize vulnerabilities.
• Influence program decisions to reduce the risk exposure of the company.
• Participate in Zero-day remediation, Hotfixes, and Incident Response efforts.
• Identify and review test coverage for the security aspects of the system.
• Assist in responses to external audits, customer questionnaires, penetration tests and vulnerability assessments.
• Self-motivated to stay engaged with the market on new security products, threats, and vulnerabilities and to apply innovative approaches in technology, marketing and service operations to meet those needs.

Basic Qualifications

• Bachelor's or master's degree in computer science, Electrical Engineering or similar engineering discipline with an emphasis on cyber security
• 8+ years of cumulative experience in software development and engineering expertise in Application, Network, Cloud, Mobile, IoT, ICS, Embedded systems, APIs
• 5+ years of expertise in Product Security, Security Architecture and Security Assessment: Threat Modeling, Secure Development, Risk Assessment, Threat Analysis, DFMEA, Penetration testing, SDLA tools
• Strong understanding of operational technology principles, concepts, and techniques
• Strong knowledge of current security threats, techniques, and landscape, as well as a self-motivated desire to research current in the cybersecurity landscape.
• Strong knowledge of OpenSSL, TLS mutual authentication, PKI, digital signatures, and certificate management
• Ability to research, develop, and keep abreast of tools, techniques, and process improvements in support of security detection and analysis following current and emerging threats
• Implementation experience or knowledge of security controls
• Should have good knowledge of security containers, hands-on experience with DevSecOps principles, and a good handle on end-to-end DevSecOps processes.
• Technical understanding of cloud-native architecture and engineering best practices (AWS, Azure, Google Cloud)
• Working experience with OWASP Top 10 for web applications
• Knowledge of penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc.
• Knowledge of Security Industry Standards and Frameworks: e.g., NIST, ISA/IEC, GDPR, SOC2
• Excellent verbal and written communication skills, with the ability to communicate to all levels of the organization.

Preferred Qualifications

• Familiar with DISA STIG assessment and implementation for Linux and/or Windows systems
• Desirable security certification(s): GICSP, GCLD, GSOC, GDSA, or any other relevant certifications.

The ideal candidate will have: 5+ years of expertise in Product Security, Security Architecture and Security Assessment: Threat Modeling, Secure Development, Risk Assessment, Threat Analysis, DFMEA, Penetration testing, SDLA tools.

Qualified candidates should APPLY NOW for immediate consideration! Please hit APPLY to provide the required information, and we will be back in touch as soon as possible.
We are currently interviewing to fill this and other similar positions. If this role is not a fit for you, we do offer a referral bonus program for referrals that we successfully place with our clients, subject to program guidelines. ASK ME HOW.
Thank you!
Dishank Sharma
Sr Associate Recruitment

PAY RANGE AND BENEFITS:
Pay Range*: $55-68 per Hour
*Pay range offered to a successful candidate will be based on several factors, including the candidate's education, work experience, work location, specific job duties, certifications, etc.

Benefits: Innova Solutions offers benefits( based on eligibility) that include the following: Medical & pharmacy coverage, Dental/vision insurance, 401(k), Health saving account (HSA) and Flexible spending account (FSA), Life Insurance, Pet Insurance, Short term and Long term Disability, Accident & Critical illness coverage, Pre-paid legal & ID theft protection, Sick time, and other types of paid leaves (as required by law), Employee Assistance Program (EAP).

ABOUT INNOVA SOLUTIONS: Founded in 1998 and headquartered in Atlanta, Georgia, Innova Solutions employs approximately 50,000 professionals worldwide and reports an annual revenue approaching $3 Billion. Through our global delivery centers across North America, Asia, and Europe, we deliver strategic technology and business transformation solutions to our clients, enabling them to operate as leaders within their fields.

Recent Recognitions:

• One of Largest IT Consulting Staffing firms in the USA - Recognized as #4 by Staffing Industry Analysts (SIA 2022)
• ClearlyRated® Client Diamond Award Winner (2020)
• One of the Largest Certified MBE Companies in the NMSDC Network (2022)
• Advanced Tier Services partner with AWS and Gold with MS

Website : https://www.innovasolutions.com/

Innova Solutions is an Equal Opportunity Employer and prohibits any kind of unlawful discrimination and harassment. Innova Solutions is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment on the basis of race, color, religion or belief, national origin, citizenship, social or ethnic origin, sex, age, physical or mental disability, veteran status, marital status, domestic partner status, sexual orientation, or any other status protected by the statutes, rules, and regulations in the locations where it operates. If you are an individual with a disability and need a reasonable accommodation to assist with your job search or application for employment, please contact us at hr@innovasolutions.com or (770) 493-5588. Please indicate the specifics of the assistance needed. Innova Solutions encourages all interested and qualified candidates to apply for employment opportunities. Innova Solutions (HireGenics/Volt) does not discriminate against applicants based on citizenship status, immigration status, or national origin, in accordance with 8 U.S.C. § 1324b.
The company will consider for employment qualified applicants with arrest and conviction records in a manner that complies with the San Francisco Fair Chance Ordinance, the Los Angeles Fair Chance Initiative for Hiring Ordinance, and other applicable laws.