We use cookies to improve your experience on our site. To find out more, read our privacy policy.

Our Ability Jobs

Job Information

Trane Technologies Architect - Cyber Security in Chennai, India

At Trane Technologies TM and through our businesses including Trane ® and Thermo King ® , we create innovative climate solutions for buildings, homes, and transportation that challenge what’s possible for a sustainable world. We're a team that dares to look at the world's challenges and see impactful possibilities. We believe in a better future when we uplift others and enable our people to thrive at work and at home. We boldly go.

J

Job Summary

Trane Technologies is seeking a Security Architect to assess, standardize and mitigate our control product offerings to achieve our connected strategy. You will be responsible for leading and managing a the security architecture and design of our product offerings. You will also be responsible for developing and implementing pentesting standards and procedures, as well as participating in architectural reviews and threat modeling exercises.

Responsibilities

  • Being passionate and forward-thinking about cybersecurity and the needs for the ever-changing operational technology industry.

  • Designs security architecture frameworks and referential architectural guidelines for achieving technical security objectives.

  • Drives cyber security requirements to support design/development in hardware and software teams, including but not limited to.

o Secure/Authenticated/Trusted Boot methods.

o Public key infrastructure (PKI) in medium to large environments to include key management, digital certificates and digital signatures.

o Secure Coding practices, processes and methods (SEICert, MISRA, AUTOSAR etc.)

o Network architecture, modules, and protocols.

  • Interact with peers, project teams, technical specialists, and other senior members of the company to provide advice on operational technology security. Provide technical security expertise, including communicating architectural security decisions, benefits, risks, and other activities.

  • Contributes to the development of workflows to support the transition of strategic plans into practical implementation plans.

  • Knowledge of penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc. required.

  • Version control, build/release tools and methodologies, and CI/CD pipelines

People Leadership

  • Manage application security engineers and analysts.

  • Nurture, grow and develop talent in the team.

  • Lead by example by taking ownership, being proactive and collaborating.

Qualifications and Duties

  • Bachelor’s degree/ MTech in any engineering discipline with an emphasis on cyber security.

  • Minimum 12+ years of overall experience in SDLC, security architecture and engineering expertise in Application, Network, Cloud, Mobile, IoT, Embedded systems, Hardware, APIs etc.

  • Strong understanding of operational technology principles, concepts and techniques.

  • Experience with threat modeling, penetration testing, fuzz testing, vulnerability scanning, secure code analysis.

  • Knowledge of software signing, secure boot and associated cryptographic techniques.

  • Should have good knowledge of security containers, hands-on experience on DevSecOps principles, and a good handle on end-to-end DevSecOps processes.

  • Technical understanding of cloud-native architecture and engineering best practices (AWS, Azure, Google Cloud).

  • Mastery understanding the industrial protocols.

  • Expertise in leading security projects (including reviews, tool development, and security best practices)

  • Experience with penetration testing standardization frameworks, such as ISA/IEC 62443, Zero Trust, Cloud Security Alliance, NIST and CIS.

  • Experience with severity ratings systems, and ability to calculate CVSS ratings for identified vulnerabilities.

  • Automate penetration and other security tests on networks, systems, and applications.

  • Knowledge of penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc.

  • Provide support to requirements definition, system design documentation, and development of network and system diagrams.

  • Coding experience for tooling development and security code review (bonus points for C/C++).

  • Perform research, evaluation and engineering of security technology, products and solutions.

Additional Qualifications

  • Cloud Security and Architect certifications

  • CISSP, CISM, GSED, GCISP, GRID, GDSA, OSCP, CRTSA, CNDA, CSSLP, CRT and any other relevant certifications

We offer competitive compensation and comprehensive benefits and programs. We are an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, age, marital status, disability, status as a protected veteran, or any legally protected status.

DirectEmployers