Sr. Technical Specialist, Product Cyber Security at Otis - Hyderabad

Role Overview

Otis is seeking a highly skilled and experienced Sr. Technical Specialist to join our Product Cyber Security team. In this role, you will be a key contributor to ensuring the cyber resilience of our products by working closely with product development teams across the globe. You will be responsible for implementing and maintaining our secure development lifecycle process, which embodies a secure-by-design defense in depth philosophy. Your expertise in penetration testing, cyber controls, and architecture review will be crucial in minimizing flaws and improving product security. You will report to a team manager responsible for product architecture review and testing, and your work will directly impact the cyber posture of products installed in customer environments.

Day in the Life of a Sr. Technical Specialist, Product Cyber Security

Imagine starting your day by reviewing the latest vulnerability reports for one of our key product lines. You then meet with the development team to discuss potential mitigations and ensure that security best practices are being followed. After lunch, you conduct a penetration test on a new software release, identifying and documenting any security flaws. In the afternoon, you participate in a threat modeling session for a new product, helping to identify potential attack vectors and design appropriate security controls. Finally, you wrap up your day by contributing to the refinement of our product cyber security incident response management process. No two days are the same, and you'll be constantly challenged to stay ahead of the ever-evolving cyber threat landscape.

• Performing DAST, SAST & Pentest for different products: You will be hands-on, utilizing various tools and techniques to identify vulnerabilities in our products.
• Performing Threat Modeling and Architecture reviews: Your expertise will guide the secure design of new products and modifications to existing ones.
• Handling Product Cyber Incident Response activities: You'll be a crucial part of the team responding to and mitigating cyber incidents.
• Working with product development teams towards secure DevOps activities: You will champion security best practices in the DevOps pipeline.
• Performing functional cyber risk assessments: You'll help product teams understand and address their cyber requirements.
• Coordinating updates to cyber security design policies: You will ensure that our policies are current and effectively integrated into product design.
• Interfacing with global teams and sharing best practices: You will collaborate with colleagues around the world to improve our overall security posture.
• Refining product cyber security incident response management: You will continuously improve our incident response capabilities.
• Validating security controls: You will work with the testing teams to ensure that security controls are effectively implemented.
• Identifying technology and methodology gaps: You will help us stay at the forefront of cybersecurity technology.
• Participating in technical and industry committees: You will represent Otis and contribute to the broader cybersecurity community.
• Creating discipline health score cards: You will monitor and track the security health of our products.

Why Unit 2A & 2B (Octave Block), 6th floor, Parcel - 4, Salarpuria Sattva - Knowledge City, Madhapur, Hyderabad, Telangana, India, Zip/Postal Code: 500081?

Our Hyderabad office, located in Salarpuria Sattva - Knowledge City, offers a dynamic and collaborative work environment. This state-of-the-art facility is designed to foster innovation and teamwork. The location provides easy access to transportation, amenities, and a thriving tech community. Working in this location allows you to collaborate with a talented team of engineers and cybersecurity professionals, contributing to the development of cutting-edge technologies. The Hyderabad office is a key hub for Otis's global engineering and product development efforts, offering you the opportunity to make a significant impact on the company's success.

Career Path at Otis

Otis is committed to providing opportunities for growth and development. As a Sr. Technical Specialist, Product Cyber Security, you can progress along several career paths within our organization. You might advance to a Principal Technical Specialist role, taking on more leadership responsibilities and leading complex projects. You could also move into a management role, overseeing a team of cybersecurity engineers. Alternatively, you could specialize in a particular area of cybersecurity, such as penetration testing or incident response, becoming a subject matter expert. Otis offers a variety of training and development programs to help you achieve your career goals.

Salary & Benefits

Otis offers a competitive salary and benefits package that is commensurate with your experience and qualifications. The salary range for this position is typically between ₹2,500,000 and ₹4,500,000 per year. In addition to your base salary, you will be eligible for performance-based bonuses. Our benefits package includes comprehensive health insurance (medical, dental, vision), paid time off (vacation, sick leave, holidays), an employee stock purchase plan, a 401(k) retirement plan with company match, life insurance, disability coverage, professional development opportunities, tuition reimbursement, and an employee assistance program. We also offer flexible work arrangements and employee discounts on Otis products and services.

Safety Culture at Otis

Safety is our number one priority at Otis. We are committed to creating a safe and healthy work environment for all of our employees. We have a comprehensive safety program that includes training, hazard identification, and risk assessment. We encourage employees to report any safety concerns and to actively participate in our safety initiatives. We believe that everyone has a role to play in ensuring a safe workplace. Our commitment to safety extends to our products and services, ensuring the safety of our customers and the public.

How to Apply

If you are interested in applying for this position, please submit your resume and cover letter through our online application portal. Be sure to highlight your relevant experience and qualifications, and explain why you are a good fit for this role. We encourage you to review the job description carefully and tailor your application to the specific requirements of the position. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

FAQ

1. What are the key responsibilities of a Sr. Technical Specialist, Product Cyber Security?

   The key responsibilities include performing DAST, SAST & Pentest, threat modeling, architecture reviews, handling incident response, contributing to risk management, and collaborating with development teams on secure DevOps.

2. What qualifications are required for this role?

   A Bachelor's degree in cybersecurity, computer science, or a related field is required, along with 10+ years of experience in product cybersecurity and software development, and relevant certifications like OSCP, GSEC, or CEH.

3. What is the salary range for this position?

   The salary range is typically between ₹2,500,000 and ₹4,500,000 per year, depending on experience and qualifications.

4. What benefits does Otis offer?

   Otis offers a comprehensive benefits package, including health insurance, paid time off, employee stock purchase plan, 401(k) retirement plan, and professional development opportunities.

5. What is the work environment like in the Hyderabad office?

   The Hyderabad office offers a dynamic and collaborative work environment with a state-of-the-art facility designed to foster innovation and teamwork.

6. What career growth opportunities are available at Otis?

   Otis offers various career paths, including advancement to Principal Technical Specialist, management roles, or specialization in a specific area of cybersecurity.

7. How does Otis ensure a safe work environment?

   Otis has a comprehensive safety program that includes training, hazard identification, and risk assessment, and encourages employees to actively participate in safety initiatives.

8. What is Otis's approach to diversity and inclusion?

   Otis is an equal opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

9. What security standards are important to this role?

   In-depth knowledge of IEC 62443 and related cybersecurity standards.

10. What tools and technologies will I be using?

    You will be utilizing DAST, SAST, and penetration testing tools, as well as working with secure DevOps and CI/CD integration tools.