Security Engineer-1

About Us

We are a global climate technologies company engineered for sustainability. We create sustainable and efficient residential, commercial and industrial spaces through HVACR technologies. We protect temperature-sensitive goods throughout the cold chain. And we bring comfort to people globally. Best-in-class engineering, design and manufacturing combined with category-leading brands in compression, controls, software and monitoring solutions result in next-generation climate technology that is built for the needs of the world ahead.

Whether you are a professional looking for a career change, an undergraduate student exploring your first opportunity, or recent graduate with an advanced degree, we have opportunities that will allow you to innovate, be challenged and make an impact. Join our team and start your journey today!

Security Engineer

Job Description

The Security Engineer will be responsible for helping to build and support the Copeland Product Security Program. This cross-functional position will work directly with product development teams by consulting on and testing security strategies.

As a Security Engineer, You Will:

Perform product security testing and reporting, including but not limited to:

- Black box reverse engineering of hardware and firmware

- Vulnerability research

- Exploit development

- Fuzz testing

- Protocol reverse engineering

Conduct manual penetration testing, including but not limited to:

o Mobile Applications (iOS & Android)

o Web Applications

o Cloud Infrastructure

o Network Systems

Facilitate threat modeling with Copeland application, infrastructure, and product teams.

Perform security training and outreach to internal development teams.

Perform security analysis & evaluation of ICS/OT environments related to product manufacturing.

Perform security analysis & evaluation of both hardware and software supply chains.

Maintain documentation and metrics for the product security program's services.

Department Summary:

The Copeland Product Security department is focused on ensuring that our products are secure and that we are protecting our clients from relevant cyber threats by proactively identifying, addressing, and preventing vulnerabilities that could impact the confidentiality, integrity, or availability of our products, services, or solutions. We seek individuals with experience and innovative ideas in Operational Technology (OT)/ICS SCADA/IOT security interested in integrated security operations (IT, OT, and Physical) and adversary emulation.

Who you are:

You look beyond the obvious and don't stop at the first answers. You adjust communication content and style to meet the needs of diverse stakeholders. You maintain relationships across a variety of functions and locations. You are not afraid to disagree and are open to debate.

Minimum Qualifications:

Minimum of 5 years of experience with any combination of the following: embedded systems and IoT security, red teaming, or penetration testing

Experience conducting security testing of embedded hardware and the ability to identify and manipulate debug interfaces (UART, JTAG, SWD, etc.) and peripheral buses (SPI, I2C, etc.)

Binary Reverse Engineering of ARM, MIPS, and PowerPC firmware using industry-standard tools such as IDA Pro, Binary Ninja, Ghidra, etc.

Experienced planning and executing Red Team exercises.

Experience in Fuzz Testing of industrial communication protocols like Wi-Fi / BLE / Wireless HART / PROFINET/ MODBUS / Ethernet IP/ OPC UA/ HART /FF

Understanding of secure libraries (e.g., bootloader, etc.)

Knowledge of embedded Linux required, knowledge of Real-Time Operating Systems a plus.

Understanding network, web, IoT, and industrial-related protocols (such as TCP/UDP, HTTPS, MQTTS, CoAP, Modbus, Ethernet/IP, DNP3, OPC-UA, etc.)

Excellent written and verbal communication skills.

Strong sense of ownership, urgency, and drive

Sharp analytical skills with the ability to synthesize new information quickly.

Preferred Qualifications:

Understanding of cloud solutions and architectures supporting IoT and Edge computing environments

Experience with programming languages such as, Python, C#, C/C++, Ruby, Assembly, etc.

Experience with OT network monitoring, including serial, Ethernet, wireless, etc.

Experience with OT adversary emulation.

Working knowledge of cybersecurity policies and standards related to ICS/SCADA.

Our Commitment to Our People

Across the globe, we are united by a singular Purpose: Sustainability is no small ambition. That's why everything we do is geared toward a sustainable future-for our generation and all those to come. Through groundbreaking innovations, HVACR technology and cold chain solutions, we are reducing carbon emissions and improving energy efficiency in spaces of all sizes, from residential to commercial to industrial.

Our employees are our greatest strength. We believe that our culture of passion, openness, and collaboration empowers us to work toward the same goal - to make the world a better place. We invest in the end-to-end development of our people, beginning at onboarding and through senior leadership, so they can thrive personally and professionally.

Flexible and competitive benefits plans offer the right options to meet your individual/family needs. We provide employees with flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave.

Together, we have the opportunity - and the power - to continue to revolutionize the technology behind air conditioning, heating and refrigeration, and cultivate a better future. Learn more about us and how you can join our team!

Our Commitment to Inclusion & Belonging

At Copeland, we cultivate a strong sense of inclusion and belonging where individuals of all backgrounds, and with diverse perspectives, are embraced and treated fairly to enable a stronger workforce. Our employee resource groups play an important role in culture and community building at Copeland.

Equal Opportunity Employer

Copeland is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment.