Advanced Embedded Security Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Computer Engineering, Cybersecurity, or a related technical discipline.
• 6+ years of experience
• Hands-on experience in product security, embedded systems security, or a closely related field.
• Hands-on experience securing embedded systems, software, or IoT devices.

Nice To Haves

• Master’s degree in a relevant engineering or cybersecurity field.
• Proven experience integrating security into the CI/CD pipeline and product development lifecycle.
• Proficiency in one or more programming languages such as C, C++, Python, or Java.
• Deep technical expertise in Hardware Security (e.g., TPM, TrustZone, secure boot, tamper resistance, cryptography).
• Experience specific to IoT, connected devices, or automatic identification and data capture (AIDC) technologies.
• Familiarity with industry security standards and compliance requirements (e.g., IEC 62443, FIPS 140).
• Industry-recognized security certifications (e.g., CISSP, CSSLP, GSEC, or offensive security certifications).
• Strong communication skills with the ability to articulate complex security risks to both technical teams and executive leadership.
• Security certifications such as CISSP, CSSLP, GSEC, or equivalent are a plus.

Responsibilities

• Collaborate with stakeholders, including product management and engineering, to define and prioritize security requirements for new and existing products.
• Lead and participate in design and architecture reviews to conduct threat modeling and ensure security is built into software and firmware from the ground up.
• Develop, implement, and enforce security controls and best practices throughout the secure software development lifecycle (SSDLC).
• Collaborate closely with hardware, firmware, software, and systems engineering teams to ensure security requirements are seamlessly integrated without compromising product functionality or time-to-market.
• Respond to, investigate, and lead the remediation of product security vulnerabilities and participate when incidents happen.
• Conduct and oversee security assessments, including penetration testing and code reviews, to proactively identify and mitigate security flaws.
• Serve as the primary technical contact for responding to customer security questionnaires, audits, and inquiries, clearly communicating our security posture.
• Align with the corporate security team to implement and adapt corporate security policies, standards, and best practices within product development.
• Create and maintain detailed documentation for security architecture, and security best practices.
• Develop and deliver security training to development teams to foster a culture of security awareness and accountability.
• Stay current with the latest security threats, vulnerabilities, and mitigation techniques relevant to IoT, embedded systems, software, and firmware.
• Mentor junior engineers and act as a security champion and subject matter expert within the engineering organization.
• Evaluate, implement, and manage security tools (e.g., SAST, DAST, SCA) to automate security testing within the CI/CD pipeline.

Benefits

• healthcare
• wellness
• inclusion networks
• continued learning and development offerings
• community service days
• traditional insurances
• compensation
• parental leave
• employee assistance program
• paid time off
• hybrid work
• adaptable hours
• Summer Flex Fridays
• Focus Fridays
• annual companywide well-being day