At least 7 years of end-to-end (embedded systems to cloud) security design experience.
Knowledgeable of cybersecurity protections for Cellular, Wireless, & Cloud.
Knowledgeable of cybersecurity protections for embedded systems.
Knowledgeable of cybersecurity protections for mobile applications and web applications.
Has an understanding of cryptography topics and how to apply them at scale.
Strong oral and written skills.
Experience performing security design reviews of applications, systems, and networks.
Provide remediation guidance and recommendations to developers and system designers.
Breakdown high-level concepts to base components with enough detail for a developer to implement
Knowledgeable in application security concepts.
Ability to learn new technology quickly and adapt to changes.
Qualifications:
Bachelor’s degree in Electrical Engineering, Computer Science, Cybersecurity or related is strongly desired
Demonstrate a good working knowledge of core security concepts, embedded security best practices (e.g. secure boot, secure debug, secure storage, secure communications) and the secure development lifecycle activities
Hands-on experience with designing and testing of the core embedded security concepts above
Experience with reverse engineering and binary analysis methods and tools (e.g. IDA Pro, Ghidra)
Experience with vulnerability analysis using CVSS scoring and CWE types
Knowledge of Linux and other embedded operating systems is preferred
Proficient in C, C++, Python (specifically for writing tools to help tasks)
Hands-on experience securing Linux, MacOS, Windows and Android operating systems
Ability to handle tasks with significant complexity under minimal supervision requiring a high degree of technical competence
Experience with on-board communication interfaces such JTAG, SPI, UART, and SW
Important ones:
Experience in designing, developing and debugging embedded security applications is a plus
Familiarity with Automotive and Industry standards and best practices such at ISO-SAE 21434, SAE J3101
Knowledge of common communication protocols found in the automotive ecosystem such as TCP/IP, Automotive Ethernet, CAN, LIN, MOST, 3G/4G/LTE, Bluetooth, BLE, Wi-Fi
Knowledge of cryptography and applied cryptography for provisioning secure hardware is desirable
Knowledge of ARM (including Trust Zone architecture) and other embedded microprocessors
Practical experience with security controls for POSIX type operating systems
Understanding of SoC security technologies (e.g. eFuses, HAB)
Experience designing small PCBs for testing purposes
Hands-on experience with soldering and “chip-off” equipment
Familiarity with reading wiring schematics and component datasheets
Experience with vulnerability management process (from proof-of-concept to remediation)