Cybersecurity Design Engineer
Indexed description
We are seeking a Cybersecurity Design Engineer to join our team and ensure the security of our embedded products. The searched candidate will have strong technical knowledge in secure architecture, cryptography, and compliance standards, combined with good communication and problem-solving skills.
Key Responsibilities
Design and implement secure architectures for embedded products and networked devices.
- Perform threat modeling and risk analysis using frameworks such as STRIDE.
- Write security manuals for customers.
- Enforce and support secure coding practices for C/C++ and Python.
- Support implement secure boot, firmware integrity checks, and hardware root of trust.
- Support configure and harden Linux-based operating systems.
- Help conduct vulnerability assessments, penetration testing, and integrate security into CI/CD pipelines.
- Ensure compliance with IEC 62443 (4-1 and 4-2) and ISO 27001 standards.
- Collaborate with cross-functional teams to communicate risks and propose mitigations.
We wholeheartedly believe in the diversity of thought that comes with fostering a culture rooted in respect, where everyone belongs, is valued, and feels inspired to share their ideas. We know embracing our unique differences makes us better, and that solving the worlds hardest engineering problems requires diverse ideas, perspectives, and backgrounds. We shine the brightest when we tap into the many dimensions that thrive across over 21,000 difference-makers in our workplace.
Work Experience
- Network & Communication Security: TCP/IP, UDP protocols (MQTT, SFTP, FTPS, HTTPS, NTPS, RTP, DHCP, DNS, etc.), TLS/SSL implementation.
- Cryptography: Symmetric & asymmetric encryption (AES, RSA, ECC), key management, hashing algorithms (SHA-2, SHA-3), HMAC.
- Public Key Infrastructure (PKI).
- Secure Architecture & Design: Threat modeling, risk analysis, secure boot, firmware integrity, hardware root of trust.
- Implementation: Linux hardening, secure configuration of services (SSH, firewall, etc.).
- Vulnerability Assessment & Testing: Static/dynamic code analysis tools (like Coverity, BlackDuck), fuzzing, web UI security testing, CI/CD security integration.
- Standards & Compliance: IEC 62443, ISO 27001 basics.
- Ability to work autonomously and manage priorities effectively.
- Strong communication skills for internal and external stakeholders.
- Proficiency in English (written and spoken).
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search