Embedded Cyber Security Engineer

Bachelor or Master Degree in Electrical or Computer Engineering, Computer Science, Information Systems and Operations, or similar field and/or 12+ years of related experience.
5 years’ experience in cyber security and embedded hardware.
Computer Information Systems Security Professional (CISSP) or Offensive Security Certified Professional (OCSP).
Experience obtaining CMMC certification.
Must be capable of obtaining and maintaining a DoD Secret security clearance.
Experience with developing and analyzing hardware, embedded, and/or IoT systems.
Effective oral and written communication skills.

Collaborate with the product R&D teams helping them to understand the security mindset, guiding them to implement specific security controls for product/system wide security needs.
Coordinate with Electrical and Hardware engineering to ensure security requirements are considered and fulfilled in the hardware selection and design.
Coordinate with embedded system Architect and Developers to ensure the security design is implemented as intended.
Coordinate with SW Developers and manufacturing engineering to ensure security needs are met.
Review system design from a security perspective to identify vulnerabilities and weaknesses in the architecture.
Author product security policies, standards, and procedures.
Champion consistent implementation of the embedded system security practices across projects.
Contribute to the development of tools, processes, and policies to prevent, detect, and resolve classes of issues across the entire development lifecycle, including supply chain and manufacturing.
Develop security for embedded hardware, firmware, and microprocessors.
Support selection of hardware components, third-party software, security tools and vendors.
Conduct embedded product and device cybersecurity activities ranging from incident response to vulnerability assessments to mitigation implementation.
Develop new approaches and countermeasures for emerging threats to embedded systems.
Manage security-related deliverables for regulatory bodies.
Other duties as assigned.

Certified Information System Manager (CISM).
Certified Ethical Hacker (CEH).
Experience achieving ISO 27001 certification.
Experience complying with NIST Cybersecurity standards and guidance.
Experience complying with the requirement of the National Industrial Security Program Operating Manual (NISPOM).
Experience with one or more of the following technical areas: Wireless and/or network communications
Basic knowledge of common hardware components, packaging, and board-level integration
Basic technical understanding of circuits and PCB layout designs
Basic knowledge of common cryptographic algorithms and protocols, implementation attacks (i.e., side-channel and fault injection)
Hardware security implementation analysis and exploitation (cryptography, side-channel analysis, and/or fault injection)
Able to excel in a fast-paced, deadline-driven environment, where small teams share a broad variety of duties
Displays strong initiative and drive to accomplish goals and meet company objectives
Takes ownership and responsibility for current and past work products
Is committed to learning from mistakes and driven to improve and enhance performance of oneself, others, and the company
Focuses on teamwork and puts the success of the team above one’s own interests