Senior Embedded Systems Security Engineer
- Job Posting Title: Senior Embedded Systems Security Engineer
- Job Description Summary: Customer is in immediate need of a Senior Embedded Systems Security Engineer. Customer leads the market in consumer robotics and enabling the smart home. Our latest Wifi-enabled products employ novel technologies, such as computer vision for navigation and identifying objects near them. Were expanding our security team to develop security features into and around those capabilities, to protect our customers information and minimize the risk of robots being hacked. We are seeking a motivated individual to partner with our engineering teams to design and build security solutions that protect new robot architectures. You would help design and build novel solutions to protect the robot itself from current and anticipated cyber threats, develop means to ensure robot integrity, and conduct security evaluations of embedded systems. You will be immersed in each robot’s design, full software architecture, and our security solutions.
- Essential Functions/Job Duties
- Partner with product teams to develop leading-edge secure products
- Provide development teams with sound secure designs, proof of concept solutions, and/or design documentation
- Evaluate development plans and designs, with feedback related to secure design principles and implementation
- Identify security weaknesses in new product designs and partner with engineering teams on how to close potential vulnerabilities
- Assist in the development, deployment, and maintenance of PKI and other cryptographic systems that support robot functionality and manufacturing
- Collaborate with other Product Security team members on a variety of security matters.
- Qualifications 8+ years of software development, including at least 1 year as a security champion within a development team is preferred
- Significant depth in C#, .NET, and C or C++
- Linux familiarity
- Strong understanding of cryptographic and PKI systems
- Experience with PKCS11, Hardware Security Modules, and/or Trusted Platform Modules a plus
- Embedded systems or Internet of Things product security experience is a major plus
- Excellent communications and documentation skills
- Experience with Threat Modeling and Secure Software Development Lifecycle
Senior Security Engineer
- Job Posting Title: Senior Security Engineer
- Job Description Summary: The senior security engineer is responsible for discovering and formulating solutions to new designs from our development partners as they arise and implementing and managing the lifecycle of these solutions as they are built into workflows and processes. The senior security engineer delivers these solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements. As risks change, the senior security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape. The senior security engineer is expected to contribute to the corporate security strategy with security leadership and other senior security staffers and technologists. Recipients of the senior engineer’s solutions include product development teams, data science teams, security operations teams, and security auditors.
Essential Job Duties
-
- Assess new designs and architecture and provide guidance to the development teams based on best practices and risk mitigation strategies
- Manage risks and mitigate vulnerabilities throughout their lifecycle for the embedded device and mobile app environments in a cost-effective manner
- Research and design new tools, technologies, and solutions for adoption into the development teams’ architecture plans
- Monitor industry standards organizations and leverage specifications and best practices
- Conduct product security training workshops with product teams, and mentor engineering staff on security principles
- Contribute to the product security strategy/roadmap and apply techniques in emerging technologies
- Lead/participate in security workshops with product teams
-
Skills and Experience
-
- 7+ years working with embedded OS and/or Mobile Apps or OS
- 5+ years of experience reading and interpreting international standards and understanding how to apply security requirements
- 5+ years of experience with a Secure Development Lifecycle and threat modeling methodologies
- Deep knowledge of secure boot principles, trusted execution environments, hardware roots of trust, and remote attestation
- Experience with cryptographic algorithms, protocols, and APIs/libraries
- Strong familiarity with communications protocols such as Bluetooth, NFC, Wi-Fi, etc.
- Proficiency in secure development lifecycle and threat modeling systems
- Understand hardware and software security controls and mechanisms
- Ability to think strategically, adhere to the code of ethics of security professionals, and understand and communicate in the language of risk
- Able to function as a team member and share knowledge
Education Requirements
- Bachelor of Science (Master preferred) in computer science, engineering, or related field
- CISSP or similar professional certification