Security Analyst Embedded Systems

This company is an ambitious organization that specializes in security certification services for leading international customers in multiple markets, such as mobile telephony, internet of things, payments, government and automotive. It is one of the world's most advanced players in embedded security testing.

The company has interesting projects, an open office environment and is looking for motivated people who want to take the opportunity to take security to a higher level in this growing company.

Position

For the position of Security Analyst Embedded Systems, we are looking for engineers who are involved in:

·       Perform code reviews and structured vulnerability analyses in accordance with security certification requirements (e.g. SESIP, GlobalPlatform)

·       Provide guidance and mentoring to junior collegues by reviewing their analysis results and offering coaching in certification scheme expectations

·       Translate vulnerability analysis findings into clear and actionable input for security testing team, aligning results with applicable scheme thresholds and evaluation metrics

·       Perform embedded testing on devices under evaluation e.g. firmware reversing, MITM, interface probing etc.

·       Lead the technical aspects of evaluation projects by coordinating with the project manager to ensure compliance, technical rigor, and timely delivery.

Qualifications

• Minimum of 4 years of experience in the security evaluation domain, specifically:
• Proven proficiency in at least two of the following: C, C++, Assembly.
• Experience with secure embedded systems, such as Smart Cards, Secure Elements, System-on-Chips (SoCs), Trusted Execution Environments, smart light, remote control, ECUs, etc.
• Good understanding of low-level computer architecture, security concepts, embedded system architecture, OS internals, Trusted Execution Environments.
• Good understanding of practical cryptography algorithms and protocols.
• Able to develop exploits for embedded devices.
• Excellent interpersonal and communication skills; thrives in team environments with diverse stakeholders (technical teams, evaluators, and customers).
• Knowledge about Android is a plus.
• Willingness to occasionally travel to clients or certification bodies in Europe, North America, or Asia.

Skills Required

• Good communication skills in English (written and oral).
• Ability to process large amounts of documentation.
• Keep an overview of comprehensive evaluation reports.
• Work in a structured way and report with an eye for detail.
• Collaborate in project teams.

‍