Advanced Embedded Security Engineer
About The Position
The Advanced Engineer Security, as an integral part of the Advanced Data Capture (ADC) product security team, is responsible to ensure that a Secure Development Lifecycle (SDLC) is defined, applied, followed and maintained across all ADC product development in compliance with corporate cyber security policies procedures and initiatives. The role requires designing, developing, and supporting a wide range of security controls, and software components in a variety of operating systems such as embedded, Windows, Linux, Android, and IOS. The software components may include application, middleware, firmware or web services across all ADC products. The role also requires documenting and communicating security processes policies and procedures to the development team and to all other stakeholders on a regular basis.
Requirements
- Bachelor's degree required
- 8+ years of experience
- Verifiable years of experience in enterprise software security
- Performing threat analysis and risk assessments
- Designing and developing security controls
- Vulnerability Management experience
Nice To Haves
- Proven experience in product security for embedded systems, consumer electronics, or IoT devices
- Full stack software security, Information Security, DevSecOps Certifications, Cloud Security, CISSP certification
- Vulnerability management tool experience
- Security standards compliance and regulations
- Cloud security experience
- Penetration testing experience
- Experience in SAMM or BSIMM.
- Cryptographic standards understanding/knowledge
- Incident response experience
- Disaster Recovery Planning and implementation experience
- Effective verbal and written communication skills
Responsibilities
- Define product security framework, policies, processes, & procedures.
- Working with embedded devices doing firmware development.
- Facilitate and lead BU security efforts by participating in daily agile stand-ups and drive security best practices across the business unit.
- Partner with scrum teams for secure software solution architecture.
- Support quarterly SAMM self-assessments (set goals, report status, support audits.
- Seek ways to apply new security technology to and reuse existing security technology in support of BU’s business strategy.
- Perform threat analysis and risk assessments.
- Design security controls, monitoring, and scanning tools.
- Support and guide engineering with the Secure Development Lifecycle (SDLC) workflow across ALL products.
- Compile and approve the security checklist for release of milestones.
- Support penetration testing efforts.
- Manage incident responses
- Assist in the development and review of product security documents.
- Deliver Security DevOps with different scrum teams and plan user stories for sprints while addressing requirements and orchestrating security impact.
- Develop and maintain best practices for deploying desktop, native, web and service-based applications in Linux, Windows and other environments.
Benefits
- healthcare
- wellness
- inclusion networks
- continued learning and development offerings
- community service days
- traditional insurances
- compensation
- parental leave
- employee assistance program
- paid time off
- hybrid work
- adaptable hours
- Summer Flex Fridays
- Focus Fridays
- annual companywide well-being day
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
