Senior Cybersecurity Specialist

Are you an experienced cybersecurity professional who is excited about practical application of cybersecurity into industrial and IoT environments? We would like to have you on our team to keep smart cities cybersecure!

The KONE Technology and Innovation (KTI) function is where the magic happens at KONE. It's where we combine the physical world – escalators and elevators – with smart and connected digital systems. We are changing and improving the way billions of people move within cities every day.

Within the KONE Technology & Innovation unit, we have a dedicated Cybersecurity team for assuring the security of KONE’s products and solutions as well as applications used by KONE’s business lines.

Buzzwords: Application security, Cloud security, SDL, DevSecOps

We are now looking for a person to support and drive the Security Development Lifecycle (SDL) activities in KONE solution development projects. Our solutions range from connected elevator systems to cloud services and to mobile applications for technicians and for end users. As a Senior Cybersecurity Specialist, you will be responsible for supporting KONE development teams globally to identify and implement security requirements and to review and test the solutions as they have been implemented.

You enjoy working in co-operation with development teams to offer solutions for security problems and practical guidelines on how to implement security in the projects. You get to conduct threat analysis and identify the appropriate security requirements. You don’t shy away from getting hands on with application owners and developers to guide them or help them implement the necessary security controls. Through validation and testing you ensure that controls are implemented, and the requirements fulfilled.

You support our becoming and existing Security Champions to succeed in their roles by guiding, identifying their skill gaps, and providing training.

You might be an experienced security-minded software developer, or perhaps you are a cybersecurity professional who has specialized in application security. You can communicate with various audiences, and you can deal both with the big picture as well as with details when so required.

The position is located in Pune, India.

Responsibilities

Act as a cybersecurity advisor and provide security expertise and guidance to development and operations teams.Conduct risk-based security impact assessments to classify applications and assign appropriate security requirements.Translate requirements into actionable tasks and guide stakeholders in understanding and implementing them.Detect security issues during validation and operation using automation and scenario-based testing. Help teams to understand and mitigate risks and vulnerabilities.Review and enhance security documentation and assessments from Security Champions, offering constructive feedback.Monitor R&D and IT stakeholder needs and deliver targeted security training or clinics.Collaborate within the Cybersecurity team to improve KONE’s security management system, SDL standards, processes, and tools.

Requirements

5+ years of experience in cybersecurity. CISSP, CSSLP or other relevant certifications are considered a plus.Educational qualifications (B. Sc. or M Sc. in computer science, business administration, information technology management, information systems security or related) Practical experience in implementing Security Development Lifecycle (SDL) in agile software projects (for example, Microsoft SDL, OWASP, BSIMM)Familiarity with security standards and best practices (for example: ISO 27001, IEC 62443, OWASP)Experience in threat modeling and security risk assessmentExperience with DevSecOps practices and tools (SCA, SAST, DAST)Experience with cloud platforms (AWS or Microsoft Azure)

Why to join KONE’s cybersecurity team?

We at KONE’s cybersecurity team are at an interesting point currently. Our focus has been on modernizing enterprise cybersecurity to limit risks with day-to-day operations but at the same time, we are building our industrial and product cybersecurity. KONE is on a digitalization journey and our elevators are transforming from a steel box on the end of a rope into central platforms of smart buildings. We are bringing totally new kinds of innovative solutions to the market to enable even smarter people flow. As our offering becomes more digital, excellent cybersecurity plays a crucial role in building customer trust.

KONE Technology and Innovation
 
We are changing and improving the way billions of people move within buildings every day. Hardware is where we've always shined, but today, digital expertise – IoT, analytics, AI, automation, simulation, to name a few – is equally important for our continued success.
 
 
What's KONE Technology & Innovation like as a workplace? We like to think of ourselves as a diverse tribe, pulling together to understand and meet the ever-changing needs of our customers, from concept through to design, down to every single finished product. This all happens in an atmosphere of trust and respect, typified by our Nordic values, a healthy work-life balance, and a flat hierarchy. 

At KONE, we are focused on creating an innovative and collaborative working culture where we value the contribution of each individual. Employee engagement is a key focus area for us and we encourage participation and the sharing of information and ideas. Sustainability is an integral part of our culture and the daily practice. We follow ethical business practices and we seek to develop a culture of working together where co-workers trust and respect each other and good performance is recognized. In being a great place to work, we are proud to offer a range of experiences and opportunities that will help you to achieve your career and personal goals and enable you to live a healthy and balanced life.

Read more on www.kone.com/careers