Snabbfakta

    • Lund

Ansök senast: 2023-03-26

Senior Security Specialist

Publicerad 2022-10-27

Company Overview

Sigma Connectivity is a global design house. We are a team of 700 talented engineers and our main office is located in Lund, Southern Sweden. Primarily we run in-house projects focusing on connected products within consumer electronics and IoT devices and we have the capability in terms of people, expertise and labs to realize the most demanding products on the market. We have offices in Sweden, US, UK, Poland, Germany and Denmark. As a fast-growing company we are constantly looking for open-minded, talented people who want to take part in our journey. The Sigma Connectivity company culture is about sharing experiences and knowledge and with a Nordic work culture we strive for work-life balance and taking care of people. Within Sigma Connectivity you will never work alone.

Job Overview

We are seeking a senior security specialist to our team in Lund! The role requires product design experience from a security perspective in embedded and cloud software development (preferreably Embedded Android). You should have experience in DevSecOps ways of working.

The work consists of engaging with customers as well as defining, implementing and reviewing the security aspect of our projects. As the senior security specialist you will guide our engineering teams, management teams and sales representatives as well as our customers in security aspects throughout product lifecycle.

Role and Responsibility

With a focus on consumer/IoT devices, entire technology stack up to the edge of the cloud.

  • Stay up to date on the latest trends and current threat level in Security domain.
  • Help with choosing right toolset and certifications.
  • Ability to assess, analyze Product security using various securit standards.
  • Ability to propose system design and architectural solutions for secure product.
  • Practically implement security solutions.
  • Propose and carry out innovative tests to ensure quality of product.
  • Assess the efficacy of the security solutions developed by reviewing and auditing.

Personal Characteristics

  • Team player
  • Excellent communication skills to manage stakeholders.
  • Proactiveness in collaborating and execution.
  • Willingness to learn new methods / tools / processes
  • Strong problem solving and critical thinking skills
  • Strong passion for creativity and solving cutting edge industry problems

Grundläggande kvalifikationer

To succeed in this role you must have:

  • Knowledgeable about the upcomming Cyber Security part of CE/RED and ETSI EN 303 645.
  • Knowledgebale in SELinux/SEAndroid.
  • Experience in mitigating and planning for OWASP top 10, ISO/IEC TS 17961 (Secure C) and CWE/CVE/CVSS.
  • Experience in Android security features (including factory reset protection, HW crypto acceleration, keystore.)
  • Experience in secure and verified boot (including SFS anti-rollback, integrity verification with dm-verity and kernel modules signing)
  • Advanced skills in one or several of: embedded C, C++, Python and Node JS.
  • Knowledge within secure provisioning
  • Certified Ethical Hacker (CEH) and/or CompTIA Security+ or similar University cerfication.
  • Development tools like Git, Gerrit, Jenkins, Coverity.
  • A good theoretical knowledge of cryptography.

Meriterande färdigheter, egenskaper och erfarenheter

  • Full disk encryption (FDE) or file-based encryption (FBE)
  • Fuzzing embedded systems
  • Able to implement cryptographic mechanisms using dedicated software libraries (e.g. : Mocana, mbedTLS and wolfSSL)
  • Identify and integrate security solutions into products, for example PKI/HSM architectures
  • Use secure elements offered by different suppliers of electronic components (e.g. : Infineon, STMicroelectronics or NXP) and integrate them with embedded cryptographic libraries.
  • Experience with automated (re)validation with CTS and GTS
  • Qualcomm TEE
  • Secure Payment with QPay/NFC and Google Pay
  • Strong documentation and writing skills

Technologies: ASLR, NX, ProPolice, safe_iop, OpenBSD dlmalloc/calloc, and Linux mmap_min_addr

Vi erbjuder

  • An international working environment
  • Opportunity to develop cutting edge technology for market leaders and some of the most demanding customers
  • Extensive hardware and software knowledge and all the equipment to build and test complete products and solutions
  • Working on a project basis, promoting competence development
  • At occasions, working on-site with the customer
  • Being part of a wonderful and experienced team where you will never work alone.
  • The Sigma Connectivity company culture.
  • An international working environment
  • Opportunity to develop cutting edge technology for market leaders and some of the most demanding customers
  • Extensive hardware and software knowledge and all the equipment to build and test complete products and solutions
  • Working on a project basis, promoting competence development
  • At occasions, working on-site with the customer
  • Being part of a wonderful and experienced team where you will never work alone.
  • The Sigma Connectivity company culture.
  • Full disk encryption (FDE) or file-based encryption (FBE)
  • Fuzzing embedded systems
  • Able to implement cryptographic mechanisms using dedicated software libraries (e.g. : Mocana, mbedTLS and wolfSSL)
  • Identify and integrate security solutions into products, for example PKI/HSM architectures
  • Use secure elements offered by different suppliers of electronic components (e.g. : Infineon, STMicroelectronics or NXP) and integrate them with embedded cryptographic libraries.
  • Experience with automated (re)validation with CTS and GTS
  • Qualcomm TEE
  • Secure Payment with QPay/NFC and Google Pay
  • Strong documentation and writing skills

Technologies: ASLR, NX, ProPolice, safe_iop, OpenBSD dlmalloc/calloc, and Linux mmap_min_addr

Liknande jobb:

  • Linköping
  • Heltid
  • Göteborg
  • Heltid
  • Göteborg
  • Heltid