Job Description

Summary Salary: Competitive Team: Information Technology Location: Singapore - Technology Centre

Our Cyber Security Team

It\'s no secret that our intellectual property is critical to our success. In order to secure our ideas and designs, our customer and employee personal data, and to protect operations from cyber-crime, Dyson\'s global Cyber Security and IT Risk group works effectively to keep our secrets secret and secure our crown jewels, using advanced technologies to stay one step ahead of the game.

We have a continuous focus on transforming and managing all aspects of security - including architecture, engineering, technology risk management, cyber operations, end user security and project delivery. We invest heavily in new security capabilities (technology, processes and people) and leverage our strong cyber ecosystems to tackle future threats.

Product Design, Manufacturing, Supply Chain, eCommerce and Enterprise IT Systems are at the beating heart of Dyson\'s cyber defence priorities. We play a key role in ensuring the successful design and delivery of exciting new business and security projects, and that our controls and security platforms remain effective and compliant. Furthermore, our cyber operations capabilities are delivered on a global 24x7 basis from our strategic locations across the US, UK / Europe, India, Singapore and China.

As Dyson products become ever more complex, deploy new technologies and innovative architectures, and connect to more complex ecosystems, they face an ever-evolving cyber risk landscape, with a need for continual review and vigilance to address emerging new threats.

The Security Architecture and Engineering team plays a key role, with responsibility for the design and engineering of our core enterprise and Operational Technology cyber protection technologies - along with the actual design of the security elements of business and IT projects. We also play a critical role in assuring the security and compliance of all Dyson\'s existing and new products.

Alongside technical expertise in the relevant areas of Security Architecture, the role requires strong business partnering and relationship building skills. It involves working closely with project teams in business areas to develop practical solutions to mitigate business risks. There\'s ample scope to share and build on existing technical expertise, and we invest heavily in the development and training of our team

Key responsibilities

Ensuring that Dyson\'s products and the ecosystems they connect to are secure.

Assisting in the strategy, architecture and governance of Dyson\'s connected consumer / IoT devices at all project stages; from setting security requirements, defining product security guidelines and principles, through to evaluating risk and overseeing assurance activities.

Set the direction for our engineering teams to deliver against, capturing and articulating cyber security risk, and providing consultancy services to our stakeholders in product development.

Planning, researching, designing and building robust security architectures for new projects.

Improving efficiency, automation and performance of security, reducing cost of ownership and driving quality, security and speed.

Engaging with new business initiatives - delivering secure, supportable solutions.

Providing security risk assessment and recommendations throughout delivery lifecycle - producing designs, defining patterns and engaging with delivery (Waterfall, Agile and DevSecOps).

Qualifications and Experience

You\'ll have a solid background in product development or security architecture of IOT/OT platforms, including engineering of core, best-in-class secure products.

Background in hardware or embedded software.

Good understanding of security techniques for securing devices and communications with them, such as authentication, encryption, integrity checking and establishing a root of trust.

Current industry best practice and guidance for securing IoT devices.

Real Time Operating Systems.

Microprocessor and Microcontroller architectures and their security features.

System-on-Chip devices (e.g. Bluetooth/WiFi) and their associated software stacks.

Secure Software Download.

Threat Modelling.

Security Risk Assessment.

Ability to quickly learn new technologies and architectures and identify potential security weaknesses.

Security Requirements for standalone and connected products.

Knowledge across several security and engineering topics, ideally:

Embedded Software Languages and Software Development Lifecycle.

Knowledge of common attack vectors and how to minimise the threats they pose.

Keeping abreast of product security advisories, alerts, security trends and practices.

Identification and remediation of vulnerabilities in Open Source Software.

Ability to rapidly learn deeply technical subjects related to product security, and an ability to keep abreast of security impacts to fast moving industries, such as the consumer electronic device industry.

Mobile phone platform architecture (IOS and Android) and the security features they offer.

Cloud architecture and security.

Penetration Testing.

Tools used to identify software vulnerabilities (e.g. Static Analysis, DAST tools).

Security testing and assurance.

Secure Software Development Frameworks

Dyson is an equal opportunity employer. We know that great minds don\'t think alike, and it takes all kinds of minds to make our technology so unique. We welcome applications from all backgrounds and employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other any other dimension of diversity.

Posted: 04 July 2023

Dyson