Siemens Cyber Security Software Engineer in Milford, Ohio
Cyber Security Software Engineer
Job Family: Research & Development
Division: Digital Factory
Business Unit: Product Lifecycle Management
Requisition Number: 200933
Assignment Category: Full-time regular
Experience Level: Entry level
Education Required Level: Bachelor's Degree
Travel Required: 5%
Siemens is a global technology powerhouse that has stood for engineering excellence, innovation, quality, reliability and internationality for more than 165 years. As a global technology company, Siemens is rigorously leveraging the advantages that this setup provides. To tap business opportunities in both new and established markets, the Company is organized in nine Divisions: Power and Gas, Wind Power and Renewables, Energy Management, Building Technologies, Mobility, Digital Factory, Process Industries and Drives, Healthcare and Financial Services.
The Siemens Digital Factory Division offers a comprehensive portfolio of seamlessly integrated hardware, software and technology-based services in order to support manufacturing companies worldwide in enhancing the flexibility and efficiency of their manufacturing processes and reducing the time to market of their products.
For more information, please visit: http://www.siemens.com/businesses/us/en/digital-factory.htm
As a Software Engineer you will work closely with development leads in assuring that our code meets the industry expectations as it relates to secure coding, security testing and incident/vulnerability handling.
Do you want to help the Teamcenter product suite improve its security processes and procedures in this ever-changing cyber environment? In an effort to respond to more requests from customers to provide certification of clean code via static/dynamic analysis tools, the successful candidate will be working multiple facets of the security development lifecycle.
You will be initially focused on working on implementation of reducing the backlog of static analysis issues and on reducing the false positives currently found by 3rd party static analysis tool. You will be working with a team on defining and automating the default security test requirements and resulting analysis. You will also be the subject matter expert (SME) in repeatable dynamic test scenarios.
In addition, the successful candidate will work collaboratively in a team-oriented, fast paced and rapid turn environment. You will need a strong work ethic, and be flexible and adaptable in order to respond to critical needs as they arise. On occasion, the you may need to work beyond the conventional business hours of 8am-5pm. You may have direct interaction with customers and must represent the company in a professional manner.
The candidate will minimally be doing the following:
•Editing C/C++, Java, C# and then validating those changes by running internal automated tests
•Suggest improvements to our Coding Guidelines for issues that are most common
•Use static and dynamic analysis tools to find issues and automate the execution of these tools
•Opportunity to work as a “white hat hacker” by using industry standard tools to do fuzzy testing
•Help validate incident/vulnerabilities as reported by others
Required Knowledge/Skills, Education, and Experience
•Education - BS/BA in Computer Science or Computer Engineering or equivalent
•1 - 10 years of experience in object-oriented software development using C++. Additional preferred skills in Java and / or C#.
•Experience with one or more scripting languages (e.g. Perl, Python, Jenkins, shell)
•Experience in software debug and troubleshooting
•Practical experience in all phases of software development life cycle
•Demonstrated ability to create and brief technical presentations
•Effective communication skills (i.e. Oral, Written & interpersonal)
•Minimal, if any, travel will be required
Qualified Applicants must be legally authorized for employment in the Unites States. Qualified Applicants will not require employer sponsored work authorization now or in the future for employment in the United States.
Preferred Knowledge/Skills, Education, and Experience
•Experience with static and dynamic analysis tools such as Coverity, IBM AppScan, Rapid7 AppSpider, SmartAttack, or Burp Suite
•Experience with automating repeatable processes
•Experience porting code to different platforms
•Experience with version control software (e.g. Git, Perforce, CVS, etc)
•Experience with Coverity (or Klockworks), IBM AppScan, Rapid7 AppSpider, or BurpSuite would be preferred.
•Experience doing white hat hacking or penetration testing.
Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, protected veteran or military status, and other categories protected by federal, state or local law.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination. To learn more, Click here at https://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm .
Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here at https://www.dol.gov/ofccp/pdf/PayTransparencyNotice_JRFQA508c.pdf .