Senior Cybersecurity Embedded Engineer
Indexed description
Role Overview
We are seeking a highly experienced Senior Cybersecurity Engineer with a strong offensive mindset to identify, assess, and mitigate cybersecurity risks in embedded and IoT systems. The role requires solid knowledge of firmware, hardware interfaces, and connected systems, combined with the ability to think from an attacker perspective and identify how systems could be compromised.
The candidate acts as a subject matter expert, driving vulnerability analysis and security risk assessments, including TARA activities, and contributing to the development of secure and resilient architectures for constrained and connected environments.
Key Responsibilities
- Analyze embedded and IoT systems with an attacker mindset to identify potential vulnerabilities and attack paths
- Identify and assess attack surfaces across firmware, hardware, and communication layers
- Perform vulnerability analysis on embedded systems and connected devices
- Evaluate risks related to hardware and physical attacks (debug access, bus sniffing, etc.)
- Assess security implications of system architecture and firmware design
- Analyze communication layers including Ethernet stack and protocols (TCP/IP, UDP)
- Identify threats in connected and edge computing environments
- Perform Threat Analysis and Risk Assessment (TARA) for embedded and industrial systems
- Apply risk assessment methodologies aligned with ISO 27005 principles
- Define and structure threat scenarios, attack vectors, and mitigation strategies
- Produce cybersecurity deliverables including risk assessments, attack surface analysis, and mitigation plans
- Collaborate with system, hardware, and software teams to integrate security best practices
- Proven experience as Cybersecurity Engineer in embedded, IoT, or industrial systems
- Minimum 5–10 years of experience in cybersecurity and/or embedded systems security
- Strong understanding of embedded architectures and firmware (generalist level expected)
- Knowledge of hardware components and interfaces: ARM cores (or equivalent)
- Communication buses (SPI, I2C, parallel interfaces)
- Debug interfaces (JTAG, SWD)
- Experience with: Vulnerability analysis for embedded / IoT systems
- Identification of hardware and firmware attack surfaces
- Strong knowledge of: Network fundamentals (Ethernet stack)
- Protocols such as TCP/IP and UDP
- Understanding of: Threats specific to constrained systems (physical access, hardware attacks, bus sniffing)
- Experience with: Security risk analysis aligned with ISO 27005
- TARA (Threat Analysis and Risk Assessment) in industrial or IoT contexts
- Ability to structure and formalize risk assessments and communicate findings effectively
- Experience with ASPICE 4.0 processes
- Knowledge of ISO 26262 (functional safety)
- Exposure to automotive or safety-critical environments
- Familiarity with embedded debugging or security testing tools
- Experience in system-level security architecture
- Join a multicultural and inclusive team environment
- Enjoy a supportive atmosphere promoting work-life balance
- Hybrid work
- Your career growth is central to our mission. Our array of career growth programs and diverse professionals are crafted to support you in exploring a world of opportunities
- Access valuable training and certifications in cutting-edge technologies
- Engage in exciting national and international projects
- Health and life insurance
- Referral program with bonuses for talent recommendations
- Great office locations
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search