Lead Embedded Security Engineer
Job Description Summary
We are seeking an experienced Embedded Security Engineer to join our team. In this role, you will bridge the gap between low-level embedded software development and robust cybersecurity. You will be responsible for ensuring that our eLumina devices are secure by design, compliant with international standards, and resilient against evolving threats.
Job Description
Key Responsibilities:
Embedded Development: Design, develop, test, and debug embedded software, ensuring code is robust, efficient, and well-optimized.
Security Implementation: Execute the Secure Development Life Cycle (SDL) for assigned components, ensuring compliance with IEC-62443-4-2 standards.
Vulnerability Management: Perform regular code/third-party scans, manage SBOM/HBOM inventories, and remediate identified vulnerabilities.
System Hardening: Implement security features such as Secure Boot, authentication mechanisms, and system logging.
Integration & Collaboration: Work closely with hardware and cross-functional teams to integrate software with hardware, participating in code reviews and design discussions.
Validation: Conduct software verification and validation activities to ensure product quality and meet security certification requirements (e.g., BV, Exida).
Documentation: Maintain clear documentation, including technical design specs and customer-facing Secure Deployment Guides.
Required qualifications:
Education: Bachelor’s or master’s degree in computer science, Electronic & Communication Engineering, Electrical Engineering, or a related field.
Embedded Experience: 5+ years of hands-on experience in embedded software development with exposure to security standards.
Technical Proficiency:
Advanced proficiency in Embedded C/C++ for optimized code development.
Strong hands-on experience with RTOS platforms (e.g., FreeRTOS, VxWorks) managing real-time constraints.
Strong proficiency in Python for automation and security scripting.
Security Expertise:
In-depth knowledge of IEC-62443-4-2 and Secure Development Life Cycle (SDL) practices.
Experience with secure boot, authentication protocols, and device-level security hardening.
Familiarity with vulnerability management, SBOM/HBOM generation, and third-party risk assessment.
Core Competencies:
Solid understanding of hardware/software integration, memory management, and device drivers.
Excellent debugging and problem-solving abilities.
Strong communication skills, with the ability to facilitate effective collaboration with cross-functional teams and stakeholders.
Preferred Skills:
Familiarity with IEC-61850 standards for communication networks and systems in power utility automation.
Knowledge of software configuration management tools such as Git or SVN.
Additional Information
Relocation Assistance Provided: Yes