As a Technical Lead Software Security Analysis you will be working in the team as a Senior Security Analyst together with a role as Project Manager and being the interface between the lab and certification companies.
This organization is an ambitious organization specializing in embedded security testing for leading international clients from the semiconductor, payment, mobile and automotive industry.
In addition, she is the leading vendor of specialist security testing products. The main office in the Netherlands has been around since 2001, but their satellite offices still have a start-up feel to it. They have engaging projects, an open office environment, and are are looking for self-motivated individuals who would like to carve out their niche in the growing company.
Do you have experience as a Senior Security Analyst with a focus on complex evaluation, ready to work with clients from all over the world?
- The organization evaluates the security of products that use embedded and smart card technologies, usually in teams of 2-4 security analysts. The main activities of the evaluation process include analyzing threats and weaknesses by taking apart a device’s specifications, code or hardware, and then developing the necessary tools to attack the security. Results of this go into a report, and they give recommendations for solving these problems.
- In addition to evaluation work they carry out other projects, including consultancy work, research, tool development, and training. As a state-of-the-art lab, their internal research and development process is a necessity to remain competitive. They record the knowledge they gain during their projects in the knowledge database to ensure it is preserved and shared within the organization.
- Work is mainly done at the office in Delft. Parts of a project may require working at the customer’s premises. Depending on the type of assignment and your level of experience they are in regular contact with a customer’s technical liaison during a project. All communication with customers is done in English.
- You have successfully completed an academic course in Information Technology or Electrical Engineering.
- You have at least 4 year’s work experience in:
- Programming languages: C, C++, JavaCard, Assembly.
- Smart Cards, Secure elements or other embedded devices such as System-on-Chips, and associated applicable test methods (Logical, Fault Injection and Side Channel Analysis).
- Dealing with the major security evaluation schemes like Common Criteria, EMVCo or Global Platform.
- Being responsible for the technical quality of evaluation projects. Ideally you are used to steering a team of analysts during evaluation activities.
- Leading technical projects.
- Experience with software development or (security) testing for embedded systems.
- Knowledge of (EMV) payment products is an advantage, as is experience with security evaluations, Java Cards, attack techniques and an interest in hacking products.
- Supporting project management in coordinating complex evaluation projects under the given timelines and budgets.
- Being the technical interface to various ITSEFs and certification schemes
- You have a creative mind with an eye for detail, and the ambition to drive security forward.
- You have an excellent command of the English language and the ability to communicate knowledge convincingly to external parties.
- You have good social skills and you are a pleasant co-worker who likes to collaborate in a multidisciplinary team of security specialists.
- You are flexible, and you enjoy travelling to customers in Europe, North America, or Asia every now and then.