Security Engineer

About Us We are a global climate technologies company engineered for sustainability. We create sustainable and efficient residential, commercial and industrial spaces through HVACR technologies. We protect temperature-sensitive goods throughout the cold chain. And we bring comfort to people globally. Best-in-class engineering, design and manufacturing combined with category-leading brands in compression, controls, software and monitoring solutions result in next-generation climate technology that is built for the needs of the world ahead. Whether you are a professional looking for a career change, an undergraduate student exploring your first opportunity, or recent graduate with an advanced degree, we have opportunities that will allow you to innovate, be challenged and make an impact. Join our team and start your journey today Product Security Engineer Job Description The Product Security Engineer will be responsible for helping to build and support the Copeland Product Security Program. This cross-functional position will work directly with product development teams by consulting on and testing security strategies. As a Product Security Engineer, You Will: Perform product security testing and reporting, including but not limited to: Black box reverse engineering of hardware and firmware Vulnerability research Exploit development Fuzz testing Protocol reverse engineering Conduct manual penetration testing, including but not limited to: Mobile Applications (iOS & Android) Web Applications Cloud Infrastructure Network Systems Facilitate threat modeling with Copeland application, infrastructure, and product teams. Perform security training and outreach to internal development teams. Perform security analysis & evaluation of ICS/OT environments related to product manufacturing. Perform security analysis & evaluation of both hardware and software supply chains. Maintain documentation and metrics for the product security program’s services. Department Summary: The Copeland Product Security department is focused on ensuring that our products are secure and that we are protecting our clients from relevant cyber threats by proactively identifying, addressing, and preventing vulnerabilities that could impact the confidentiality, integrity, or availability of our products, services, or solutions. We seek individuals with experience and innovative ideas in Operational Technology (OT)/ICS SCADA/IOT security interested in integrated security operations (IT, OT, and Physical) and adversary emulation. Who you are: You look beyond the obvious and don’t stop at the first answers. You adjust communication content and style to meet the needs of diverse stakeholders. You maintain relationships across a variety of functions and locations. You are not afraid to disagree and are open to debate. Minimum Qualifications: Bachelor's degree in Computer Science or similar field or a combination of education and related experience 5+ years of experience with any combination of the following: embedded systems and IoT security, red teaming, or penetration testing Experience conducting security testing of embedded hardware and the ability to identify and manipulate debug interfaces (UART, JTAG, SWD, etc.) and peripheral buses (SPI, I2C, etc.) Binary Reverse Engineering of ARM, MIPS, and PowerPC firmware using industry-standard tools such as IDA Pro, Binary Ninja, Ghidra, etc. Experienced planning and executing Red Team exercises. Experience in Fuzz Testing of industrial communication protocols like Wi-Fi / BLE / Wireless HART / PROFINET/ MODBUS / Ethernet IP/ OPC UA/ HART /FF Understanding of secure libraries (e.g., bootloader, etc.) Knowledge of embedded Linux required, knowledge of Real-Time Operating Systems a plus. Understanding network, web, IoT, and industrial-related protocols (such as TCP/UDP, HTTPS, MQTTS, CoAP, Modbus, Ethernet/IP, DNP3, OPC-UA, etc.) Excellent written and verbal communication skills. Strong sense of ownership, urgency, and drive Sharp analytical skills with the ability to synthesize new information quickly. Preferred Qualifications: Understanding of cloud solutions and architectures supporting IoT and Edge computing environments Experience with programming languages such as, Python, C#, C/C++, Ruby, Assembly, etc. Experience with OT network monitoring, including serial, Ethernet, wireless, etc. Experience with OT adversary emulation. Certifications such as CEH, OSCP, and GPEN Working knowledge of cybersecurity policies and standards related to ICS/SCADA. Our Commitment to Our People Across the globe, we are united by a singular Purpose: Sustainability is no small ambition. That’s why everything we do is geared toward a sustainable future—for our generation and all those to come. Through groundbreaking innovations, HVACR technology and cold chain solutions, we are reducing carbon emissions and improving energy efficiency in spaces of all sizes, from residential to commercial to industrial. Our employees are our greatest strength. We believe that our culture of passion, openness, and collaboration empowers us to work toward the same goal - to make the world a better place. We invest in the end-to-end development of our people, beginning at onboarding and through senior leadership, so they can thrive personally and professionally. Flexible and competitive benefits plans offer the right options to meet your individual/family needs: medical insurance plans, dental and vision coverage, 401(k) and more. We provide employees with flexible time off plans, including paid parental leave, vacation and holiday leave. Together, we have the opportunity – and the power – to continue to revolutionize the technology behind air conditioning, heating and refrigeration, and cultivate a better future. Learn more about us and how you can join our team Our Commitment to Diversity, Equity & Inclusion At Copeland, we believe having a diverse, equitable and inclusive environment is critical to our success. We are committed to creating a culture where every employee feels welcomed, heard, respected, and valued for their experiences, ideas, perspectives and expertise. Ultimately, our diverse and inclusive culture is the key to driving industry-leading innovation, better serving our customers and making a positive impact in the communities where we live. Work Authorization Copeland will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas such as E, F-1 with OPT or CPT, H-1, H-2, L-1, B, J or TN, or who need sponsorship for work authorization now or in the future, are not eligible for hire. Equal Opportunity Employer Copeland is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment. If you have a disability and are having difficulty accessing or using this website to apply for a position, please contact: copeland.careers@copeland.com Our Commitment to Our People Across the globe, we are united by a singular Purpose: Sustainability is no small ambition. That’s why everything we do is geared toward a sustainable future—for our generation and all those to come. Through groundbreaking innovations, HVACR technology and cold chain solutions, we are reducing carbon emissions and improving energy efficiency in spaces of all sizes, from residential to commercial to industrial. Our employees are our greatest strength. We believe that our culture of passion, openness, and collaboration empowers us to work toward the same goal - to make the world a better place. We invest in the end-to-end development of our people, beginning at onboarding and through senior leadership, so they can thrive personally and professionally. Flexible and competitive benefits plans offer the right options to meet your individual/family needs: medical insurance plans, dental and vision coverage, 401(k) and more. We provide employees with flexible time off plans, including paid parental leave, vacation and holiday leave. Together, we have the opportunity – and the power – to continue to revolutionize the technology behind air conditioning, heating and refrigeration, and cultivate a better future. Learn more about us and how you can join our team Our Commitment to Diversity, Equity & Inclusion At Copeland, we believe having a diverse, equitable and inclusive environment is critical to our success. We are committed to creating a culture where every employee feels welcomed, heard, respected, and valued for their experiences, ideas, perspectives and expertise. Ultimately, our diverse and inclusive culture is the key to driving industry-leading innovation, better serving our customers and making a positive impact in the communities where we live. Work Authorization Copeland will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas such as E, F-1 with OPT or CPT, H-1, H-2, L-1, B, J or TN, or who need sponsorship for work authorization now or in the future, are not eligible for hire. Equal Opportunity Employer Copeland is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment. If you have a disability and are having difficulty accessing or using this website to apply for a position, please contact: copeland.careers@copeland.com With $5B of global revenue, Copeland is a leading provider of compression products, electronics, software, and solutions across many applications within Heating, Ventilation, Air Conditioning, and Refrigeration (HVACR), where macro and regulatory trends towards environmental sustainability, leads to changes in HVACR technology. Other products include other heating applications, food service and retail, transportation, and healthcare/life sciences. This new business also has a solution portfolio that manages, monitors, and controls refrigeration units in the commercial setting, as well as software solutions that measure and monitor temperature conditions of refrigerated goods in transit, where there is a greater emphasis on energy management/sustainability solutions globally.