What's the role?
The Cyber Security Engineer will be part of the Cyber Security team, consisting of employees and external partners, for Hilti’s Digital Marketing and Services unit. Project scope includes e-commerce sites, collaboration apps, digital catalog and learning systems that help Hilti clients buy, engage with, learn about, and use Hilti products. The Cyber Security Engineer influences both internal and external stakeholders at all levels in developing and defending secure systems for all digital marketing platform applications.
Provide leadership in the Cyber Security areas of: Vulnerability Scanning; Certificate and Password Policy Management; Data Analysis of security monitoring outputs; coordination of Remediation Patching; analysis of the threat landscape and advising the development team on cyber risk and mitigation measures; and other daily Security and Compliance efforts. You will work in close collaboration with Security Incident Responders, Cyber Threat Intelligence Analysts and Cybersecurity Architects in the team and with colleagues in IT Operations to improve the overall security posture of Hilti.
Who is Hilti?
Hilti is where innovation is improving productivity, safety and sustainability in the global construction industry, and beyond. Where strong customer relationships are creating solutions that build a better future. Where there is pride and a sense of belonging across our 120 locations, carrying right into our lives and homes. Where people are exploring possibilities, leveraging their potential, owning their personal development and growing lasting careers.
What does the role involve?
- Manage and enforce security governance policy.
- Manage identity and access management through collaboration with Global IT-managed Active Directory and AWS IAM.
- Ensure that development team members have the least-privileged access with which they can function day-to-day.
- Audit access logs to identify patterns and possible violations. Create scripts or automation for audit checks.
- Manage security policy for secure coding guidelines for the application development team. Responsibility includes managing, administering and enforcing security policies for tools like Secure Code Analysis and Dynamic Application Security Testing.
- Vulnerability management
- Assist in penetration testing preparedness.
- Manage and create alerts for potential security incidents, such as access errors and possible attacks, and work with the API gateway and network team on transparency of errors across the data access path.
- Implement automation for proactive security checks.
- Container security verification: ensure that each container to be deployed is checked for security vulnerabilities, including dependency checks for issues that might compromise data access.
- Automation of backup and restore.
- Ensure all logs are properly archived and can be used for future security incident investigations.
- Network Segmentation and Data access protection
- Implement and manage network segments within the AWS clusters and their required services. Also ensure that connectivity and access control to and from third-party providers, such as payment providers, are hardened and properly validated.
- For secure data access, ensure the data has the proper rules and setup for integrity, availability, and confidentiality. Collaborate with the Global IT team to ensure the data is properly backed up with timely snapshots, encrypted at rest, and has proper access control.
- Continuously improve application and system security processes and tools
- By subscribing to the Common Vulnerabilities and Exposures database, we continuously monitor CVEs that can affect applications or systems, and alert and collaborate with the rest of the Application Development and DevOps team on code and systems remediation and patching.
- Collaborate with the Hilti Information Security Office in improving security control policy and assist in security compliance certification.
- Additional duties, as assigned.
2022 - Top 100 Best Companies to Work For as published by Fortune magazine
What do we offer?
We offer you a unique place to work, where you are part of a creative and diverse team. We give you many opportunities to develop yourself and we will support you in shaping your individual career path. Join our positive team spirit!
What you need is:
- Bachelor’s degree in Computer Science, Computer Engineering or related field (or equivalent work experience)
- Minimum six (6) years combined experience in system or network engineering and cybersecurity
- Good knowledge of security standards and cybersecurity frameworks (e.g. CIS, NIST, RFC 2196)
- Familiarity with the MITRE ATT&CK framework
- Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and applications, and to determine which reported vulnerabilities are false positives
- Capability to prepare security vulnerability and risk management reports for management.
- Experience managing and administering security protection tools such as Web Application Firewall and Denial of Service protection
- Working knowledge of Secure Code Analysis and Dynamic Application Security Testing tools
- Scripting knowledge, such as shell scripting, Node.js, or Python, that can leverage cloud provider APIs and automation tools
- Knowledge of Linux/Unix patch management and related information security functions (authentication, encryption, iptables, SSL, ciphers, etc.)
- Prior experience working with geographically distributed development teams
- Exceptional organizational skills with strong attention to detail and follow-up
- Excellent communication skills (verbal & written)
Why should you apply?
Here you can leverage your personal strengths and realize your full potential.
Hilti, Inc is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, veteran status, or disability.