24 days old

IoT Security Engineer

Kimberly-Clark Corporation
Roswell, GA 30075
Apply Now
Apply on the Company Site
  • Job Code
    802471
IoT Security Engineer

Job Description

The IoT Security Engineer will perform cloud application & infrastructure security support, functional assessment of IoT cloud platforms, participate in security certification and provide overall cyber security consulting directly tied to the Kimberly-Clark Professional Onvation Restroom management IoT solution. This role will be embedded with Kimberly-Clark Professionals product development team, delivering the Onvation Restroom management System. While directly focused on the security needs and IoT platform for Onvation, you will also be responsible for coordinating with global IT security initiatives, including IoT connectivity system, application software, web and mobile Cloud-hosted applications.

The main missions & responsibilities for the position of IoT Cyber Security Analyst are the following:

  • Contribute to a standard set of functional and non-functional security requirements for embedded systems, application software (client & server), web and mobile applications.
  • Bring security support to Kimberly-Clark Professional R&D projects during offer development, in operations, and in support of Incident Response and Vulnerability Management.
  • Support offer creation security requirements generation through consultation and review. Coach and mentor the development project teams on the security concepts and advise on implementation. Assist development teams in mitigating identified vulnerabilities during Threat Model/risk analysis and Penetration Testing.
  • Contribute to the cyber security internal certification of cloud offers in coordination with cybersecurity stakeholders
  • Work closely with Cyber-Security Architects to the definition of the cyber-security reference architecture for connected IOT/cloud offers.
  • Contribute to investigate 3rd party cyber security offer to improve the global security level of our offers
  • Build relationship and collaborate with other stakeholders

ESSENTIAL FUNCTIONS:

  • Create, manage, and facilitate a risk, control and compliance program for the Onvation Restroom management IoT solution to ensure controls are properly designed, implemented, executed, and tested in keeping with Kimberly-Clarks appetite for risk.

  • Help collect and review an inventory of all information assets (applications, data, and all supporting services and infrastructure). Analyze threats and vulnerabilities to determine inherent risk to information assets.

  • Assist in the design of controls as driven by K-C policies, standards, and other authoritative sources to mitigate risk and measure residual risk.

  • Report K-C risk posture in reviews with senior ITS leaders and the K-C Chief Information Officer (CISO).Optimize controls by sharing and teaching our customers while gathering feedback on where changes to policies may be needed.

  • Develop and maintain productive relationships through individual contacts and group meetings within team.

  • Act as a liaison with K-C Compliance team, ITS, K-C Internal Audit, external audit groups, regulators, and business areas to ensure full understanding of control requirements and assessment procedures.

  • Identify best practices and implementation standards.

  • Promote and support an enterprise perspective and vision for controls.

  • Provide leadership for remediation and compliance projects.

  • Adhere to all organizational and professional ethical standards.

MINIMUM REQUIREMENTS:

  • Bachelor's degree

  • 5+ years of experience in software, cyber security & cloud applications

  • IoT Experience preferred

  • Experience in application security & cloud infrastructure

  • Good knowledge and experience in Secure Development Lifecycle, including threat modeling & risk analysis, vulnerability scanning tools

  • Good knowledge of virtualization technologies

Preferred Skills/Qualifications:

  • Ability to span security expertise over hardware, software, and firmware domains.

  • In-depth experience with security threats and vulnerability research along with practicing security development lifecycle best practices including:

  • Threat modeling

  • Security code review, analysis and vulnerability assessment

  • Reverse engineering skills

  • Exploitation and mitigation technique development

  • Security testing techniques fuzzing and pen-testing

  • Expertise in architecting, strategizing and evangelizing advanced product security counter measures into products is valuable

  • Experience in endpoint, network and application security

  • Strong analytical and problem solving skills

  • Demonstrated ability to deliver results when working in cross-functional teams

  • Builds appropriate and effective business relationships

  • Strong communication and presentation skills - communicates effectively, both formally and informally

  • Makes decisions which impact the success of assigned projects i.e. technologies, platforms and partners

  • Strategic perspective keep strategies in mind, and not being deflected by matters of detail.

  • Excellent problem solving with the ability to balance competing project and resource demands

  • Experience in software development life cycle and agile development methodology

  • Offensive security and penetration testing experience (Metasploit, Meterpreter, Websploit, Nmap, Nessus, Burp Suite, SSL Strip, Websploit, Penetration Testing, Brute Force)

  • Familiarity with modern IT security deployments in large enterprises

  • Strong knowledge of security vulnerabilities and remediation techniques, including red team operations, development of exploits and incident response.

  • GCIH, GPEN, OSCP, OSCE, or OSEE

Key Customers:

  • K-C professional product development and innovation team

  • Global IT teams, particularly the Enteprise IoT Team and CyberSecurity & Assurance

  • Vendors

Other Skills:

  • Product development experience
  • Passion for learning and taking on new challenges willing to learn new IOT technologies
  • Passion for the end-user experience. Works under broad direction. Work is often self-initiated. Is fully accountable for meeting allocated technical and/or project/supervisory objectives.
  • Creative, dynamic and forward thinking individual who has a passion for change

ORGANIZATIONAL RELATIONSHIPS/SCOPE:

The IoT Security Engineer is part of the IT Organization, but takes work direction from the K-C Professional Onvation Product team. As an Onvation product team member you will also collaborate with the enterprise IoT smart product team, as well as the IT CyberSecurity & Assurance Team and delivery.

Kimberly-Clark and its well-known global brands are an indispensable part of life for people in more than 175 countries. Every day, 1.3 billion people - nearly a quarter of the world's population - trust K-C brands and the solutions they provide to enhance their health, hygiene, and well-being. With brands such as Kleenex, Scott, Huggies, Pull-Ups, Kotex, and Depend, Kimberly-Clark holds No.1 or No. 2 share positions in more than 80 countries. With more than 140 years of history of innovation, we believe in recruiting the best people and empowering them do their best work. If fresh thinking and a passion to win inspire you, come Unleash Your Power at Kimberly-Clark.

Kimberly-Clark is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity, age, pregnancy, genetic information, citizenship status, or any other characteristic protected by law.

The statements above are intended to describe the general nature and level of work performed by employees assigned to this classification. Statements are not intended to be construed as an exhaustive list of all duties, responsibilities and skills required for this position.

This position may require a post-offer/pre-hire Physical Abilities Test (PAT) to confirm that individuals are able to perform the essential functions of the job.

K-C requires that an employee have authorization to work in the country in which the role is based. In the event an applicant does not have current work authorization, K-C will determine, in its sole discretion, whether to sponsor an individual for work authorization. However, based on immigration requirements, not all roles are suitable for sponsorship. This position is subject to drug and alcohol testing, including pre-employment testing.

*LI-POST

Global VISA and Relocation Specifications:

K-C will support in-country relocation for the chosen candidate for the role. The benefits provided will be per the terms of K-Cs applicable mobility policies. The benefits/policy provided will decided in K-Cs sole discretion.

Primary Location

USA-GA-Atlanta-Roswell

Additional Locations

USA-TX-Dallas, USA-WI-Neenah

Worker Type

Employee

Worker Sub-Type

Regular

Time Type

Full time





Categories

Posted: 2020-02-01 Expires: 2020-03-01

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

IoT Security Engineer

Kimberly-Clark Corporation
Roswell, GA 30075

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast