Lead Engineer - Product Cyber Security

D. Providing hands-on guidance to product teams as they implement complex cybersecurity features and requirements in their products, in line with various cybersecurity standards.

D. Evangelizing and providing technical security trainings to software developers and test engineers across the organization and evangelizing the importance of cybersecurity in other functions like product / project management & sales /services.

E. Monitoring evolving threat landscape, cybersecurity technologies, Power Management Systems, Embedded Containers security, standards, frameworks and drive continuous improvement in Eaton's cybersecurity requirements, frameworks and processes.

F. Working with project teams, to provide continuous threat modeling, risk assessment, Tool based assessments, SAST, SCA and other automated tool runs, in CI/CD pipelines across scrum teams doing product development in Agile mode. Own or co-author key cybersecurity documents (e.g., Cybersecurity Product Requirements, Detailed Requirements Annexure, Design & Implementation Review, Secure Configuration Guidance, Vulnerability Management Plan, EULA inputs)

G. Collaborate with product teams to define and interpret cybersecurity requirements, assess their impact on product design and development, and identify robust technical solutions to ensure compliance and security throughout the product lifecycle

H. Drive "shift-left" practices; onboard projects to enterprise platforms (Code Signing, Black Duck SCA, Coverity SAST) and enforce gating criteria.

I. Coach engineers and champion security culture; help define role-based training paths and uplift maturity."

Qualifications:

Bachelor's or master's degree in Computer Science, Electronics Engineering, Electrical Engineering.
"8+ years of relevant experience in Product cybersecurity, in product/embedded/application cybersecurity or secure product development.
5+ years Hands-on experience with secure boot, secure firmware/software update, crypto (PKI, key management), authentication/authorization, logging & monitoring, and hardening for embedded or connected products."

Skills:

"The engineer should be -
1) Understanding and experience in working across multiple phases of Secure Product Development Lifecycle, performing Penetration Testing of various technologies and Threat Modeling of products, systems and solutions. With a focus on Cloud / Industrial IoT / Critical Infastructure products (Must have).
2) Knowledge of attacks and mitigation in : Cloud-based applications, Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application securtiy
Mobile App security.
3) Having a knowledge of CI/CD pipelines and tools for SAST, SCA and other CI/CD tools.
4) Able to understand cybersecurity including (Containers, dockers) concepts in depth and be able to apply those concepts to Eaton products for cybersecurity testing.
5) Able to perform Threat Modeling and Risk Assessment for Eaton products
6) Having hands-on experience in various Cybersecurity activities including but not limited to - Cybersecurity assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; secure coding; preferably on embedded, ICS and IoT products.
7) Experience in one or more domains: Industrial/OT, eMobility/automotive, data center, IoT/IIoT, gateways/cloud connectivity.
8) Having Good understanding of security protocols (HTTPS, HSTS, TLS, SSH, 802.11 security, Bluetooth, Zigbee) and ICS protocols (IEC 61850, DNP3, Modbus, WirelessHART, CAN)
9) Having knowledge of attacks and mitigation in : Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application and browser security.
10) Having certifications like CSSLP/SANS 549/SANS 510/CCSP (any one ) is a plus.
11) Familiarity with enterprise project tools (Jira) and stage/gate frameworks; experience preparing for external audits and customer assessments.
12)Contribution to security standards, internal frameworks, or enablement (training, playbooks, reference designs)."
"1) Ability to work in and with diverse & multi-cultural and geographically dispersed teams
2) Ability to collaborate across multi-disciplinary teams (legal, IT, product management, project management)
3) Ability to present to various levels of engineering and business leadership globally.
4) Excellent Documentation Skills
5) Be a technical mentor to other members of the team and beyond as needed"

Client-provided location(s): Pune, India

Job ID: Eaton-50356Hadapsar

Employment Type: OTHER

Posted: 2025-09-06T18:37:29