At ABB, we help industries run leaner and cleaner, and every person here makes that happen. You'll be empowered to lead, supported to grow, and proud of the impact we create together. Join us and help run what runs the world.
This Position reports to:
Digital Platform Operations Specialist
What we believe in
ABB's Process Automation business area enables customers to operate some of the world's largest and most complex industrial infrastructures, helping them outrun - leaner and cleaner. We offer a broad range of automation, electrification and digital solutions for process, hybrid and maritime industries, including industry-specific integrated control and software as well as measurement and analytics solutions and services.
Your role and responsibilities
Manages or coordinates cybersecurity aspects in development projects/activities. Supports strategic cybersecurity direction and future technologies, designs, architecture, and implementations in alignment with group/business area/division-level strategies. Acts as a primary contact in Research and Development (R&D)/software development/product engineering for cybersecurity-related matters.
The work model for the role is: Hybrid
You will be mainly accountable for:
- Security Assessment & Compliance - Manage Minimum CyberSecurity Requirement compliance activities for every product release cycle by coordinating with cross-functional teams. Conduct comprehensive security assessments across the SDLC, product architecture, cloud environments, and deployment pipelines. Review compliance questionnaires in detail, validate supporting artifacts, and identify any gaps or areas of non-compliance. Define clear, actionable remediation plans and ensure timely closure.
- Threat Modeling & Risk Analysis - Perform structured threat modeling using the STRIDE methodology to systematically identify potential threats. Analyze system architecture, High-Level Designs (HLD), and Data Flow Diagrams (DFD) to uncover attack surfaces and risk scenarios. Evaluate potential vulnerabilities and provide well-defined mitigation strategies along with recommended security controls.
- Security Testing Oversight - Oversee and validate results from key security testing tools including SAST, DAST, Software Composition Analysis (SCA), and Open-Source/Commercial Compliance (OCC) checks. Interpret findings, prioritize risks, and provide clear, developer-friendly remediation guidance. Ensure that security testing tools are effectively integrated into CI/CD pipelines for continuous security validation.
- Hardening & Secure Development Practices - Define and enforce security hardening standards across application code, container platforms (Docker, Kubernetes), and underlying operating systems and infrastructure. Promote secure coding practices and ensure alignment with industry benchmarks such as CIS and NIST. Conduct periodic audits and reviews to verify adherence and continuously improve the organization's security posture. Knowledge of IEC 62443-4-1 and 62443-4-2 is an added advantage.
- DAST & Web Penetration Testing - Perform internal security assessments (Pre-DSAC) on applications and services using DAST methodologies. Identify vulnerabilities aligned with OWASP Top 10 and other common attack vectors. Log and track findings in Azure DevOps, collaborate with development teams, and ensure remediation is completed within defined SLAs.
- Code & Image Integrity Management - Ensure the integrity and authenticity of source code and container images through robust code-signing mechanisms. Review and validate hash signing processes, encryption standards, and secure key management practices. Implement controls to protect against tampering, unauthorized modifications, and software supply chain risks.
- Reporting & Governance - Prepare and publish comprehensive Cyber Security Assessment Reports summarizing risks, findings, and remediation status. Maintain visibility on vulnerability tracking, risk posture, and closure progress. Ensure that all critical and high-severity issues are addressed and resolved prior to product release, aligning with governance and compliance requirements.
Qualifications for the role:
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field, with a solid foundation in software engineering and system design principles.
- 6-8 years of cybersecurity experience, emphasizing application security, product security, or secure software development lifecycles.
- Practical experience conducting security assessments, performing threat modeling (STRIDE), and carrying out risk analysis across complex systems and architectures.
- Demonstrated skill with security testing tools and methodologies, including SAST, DAST, Software Composition Analysis (SCA), and managing open-source/license compliance.
- Comprehensive knowledge of industry standards and frameworks like OWASP Top 10, CIS benchmarks, and NIST, and experience applying and sustaining security controls.
- Experience working with cloud environments (AWS/Azure/GCP), container technologies (Docker, Kubernetes), and infrastructure hardening practices.
- Solid understanding of secure coding practices, code review processes, and code/image integrity mechanisms such as code signing, encryption, and key management.
- Adept at stakeholder coordination, effective communication, and collaboration with engineering, DevOps, and cross-functional teams to execute security initiatives and remediation tasks.
More about us
ABB is a global technology company that powers the transformation of society and industry toward a more productive, sustainable future. The Process Automation (PA) business area ($6B revenue in 2021, 22,000 employees) automates, electrifies and digitalizes some of the most complex industrial infrastructures on this planet. Through its five divisions, it serves customers in the energy, process and hybrid industries - from hydrocarbons, chemicals, water, mining, minerals, pulp & paper to marine and ports, and many more. PA stands at the heart of some of the most important shifts in society, helping the energy-intense industries move to safer, smarter and more sustainable operations to enable a prosperous, low-carbon society.
Building a cleaner, smarter future takes all kinds of minds: the curious, the courageous, and the creative. We welcome people from all backgrounds and experiences.
Ready to make an impact? Apply today or visit www.abb.com to learn more about the impact of our solutions across the globe.
Recruitment Fraud Warning
ABB never asks for payment from job applicants. All genuine job offers follow a formal application and interview process.
View current job openings and apply at:
For more information, read our full fraud warning notice at: