Security Software Developer

About The Position

Requirements

• Diploma or degree in Computer Science, Computer Engineering, Cybersecurity, or a related field.
• 1–2 years of experience with C/C++ development.
• 1–2 years of experience with Python and Bash scripting.
• Ability to read and interpret security standards, protection profiles, or compliance documentation.
• Familiarity with common security concepts such as TLS/SSL, x.509 certificates, authentication mechanisms, and cryptographic protocols.
• Basic understanding of Linux security management, including firewall configuration, service hardening, and user/permission management.
• Familiarity with securing network management protocols (SSH, SNMP, syslog, NTP, HTTPS).
• Experience tracking CVEs or security advisories and applying upstream patches or fixes.
• Experience with Jenkins or similar CI/CD tools.
• Strong analytical skills and attention to detail when working with security-sensitive code.
• A willingness to learn new technologies and take ownership of improving existing designs, processes, and tools for the betterment of the product and the team.

Nice To Haves

• Prior experience with Common Criteria, NDcPP, or FIPS certification processes, including contributing to evaluation documentation.
• Familiarity with embedded Linux build systems (e.g., Buildroot, Yocto) and package management in embedded environments.
• Experience with secure coding practices in C/C++ (memory safety, input validation, privilege management).
• Awareness of Post-Quantum Cryptography (PQC) concepts and emerging standards.
• Familiarity with version control systems (Git, Subversion).
• CompTIA Security+, CompTIA Linux+, or similar industry certifications.

Responsibilities

• Review and interpret security requirements for NDcPP (Common Criteria) certifications, which occur periodically every few years, and translate them into actionable development tasks.
• Implement and update product software to satisfy evolving security certification requirements — including cryptography, certificate management, authentication, audit logging, and access control — through a mix of C/C++ and Python/Bash development, package patching, and configuration changes as needed.
• Harden the embedded Linux environment, including managing firewall rules (iptables), disabling insecure services and defaults, configuring secure boot, and enforcing least-privilege port policies.
• Secure and configure network management protocols such as SSH, SNMPv3, syslog over TLS, NTP authentication, and HTTPS in line with certification requirements.
• Periodically upgrade the embedded Linux OS and its associated packages to maintain security compliance and long-term supportability.
• Regularly monitor CVE reports and security advisories, and address identified vulnerabilities by backporting upstream patches, updating dependent packages, or applying fixes to existing product revisions.
• Contribute to formal security certification documentation, including CC Security Guides, Security Targets, and related evaluation deliverables.
• Develop and maintain utility scripts in Python and Bash to support security workflows, testing, and automation.
• Contribute to the maintenance of the team’s Jenkins CI infrastructure as needed, including updating Jenkins packages and plugins, maintaining build scripts (Python/Bash), and occasional triage of build failures. This responsibility is shared across the team based on workload and availability.

Benefits

• Employer funded benefits program
• Competitive total compensation package
• Work-Life Balance
• Employee assistance plan
• Employee Discount Platform
• Career Progression
• Casual Work Environment
• Social Events and Sports Teams