Arrow Components ↗

Industrial Cybersecurity Engineer - Embedded/DevSecops

📍 Blue Ridge, AR, India 🇮🇳

full-time

senior

Posted —

Apply Now ↗

CC++TLSSSHModbus

EnergyIndustrial Automation

Position

Industrial Cybersecurity Engineer - Embedded/DevSecops

Job Description

Key Responsibilities

Conduct vulnerability assessments, coordinate penetration testing activities, and perform risk analysis.
Support secure system architecture reviews and threat modeling initiatives.
Enforce organizational security policies, standards, and procedures.
Investigate security incidents and lead root cause analysis along with remediation actions.
Ensure alignment with relevant standards such as IEC 62443, EN18031, and ISO 27001.
Support cybersecurity compliance initiatives including IEC 62443, EU CRA, ISO 27001, and NIST frameworks.
Maintain security documentation, playbooks, and incident response plans.
Ensure secure design principles are applied, including least privilege, defense in depth, and secure defaults.
Validate secure implementation of requirements and mitigation strategies.
Perform security testing on firmware releases from development teams.
Apply Static Code Analysis techniques to identify security vulnerabilities in code.
Conduct Software Composition Analysis to support software supply chain security.
Participate in unit testing and secure code reviews.
Continuously improve security practices by staying informed on emerging threats, tools, and industry practices.
Collaborate with DevOps and engineering teams to integrate security practices within CI/CD pipelines.

Required Qualifications

Minimum 5 years of experience in industrial cybersecurity or IT/OT security environments.
Engineering degree or equivalent experience in Software Engineering, Computer Science, or Cybersecurity.
Strong programming skills in C and C++.
Solid understanding of encryption algorithms, key management, and secure protocols such as TLS and SSH.
Knowledge of common software vulnerabilities including OWASP Top 10 and CWE/SANS Top 25.
Familiarity with Linux, Windows, RTOS environments, and network protocols such as TCP/IP, DNS, and HTTPS.
Understanding of industrial communication protocols including Serial, Modbus, and HART.
Familiarity with cybersecurity frameworks and standards such as IEC 62443, ISO 27001, NIST, and OWASP.
Self-motivated with the ability to work effectively in a collaborative team environment.
Experience working with Software Bill of Materials (SBOM).