Senior Security Engineer - Firmware
Sibros accelerates product development by providing industry scale infrastructure including secure automotive and energy cloud solutions, embedded software components and vehicle controllers. Our world-class team hails from companies like Tesla, Google, Faraday Future and Lockheed Martin. You will get a chance to work with a team of deeply knowledgeable engineers working on creating version 2.0 of the automotive industry!
About the Role
- Assist in defining security roadmap for all our products (OTA, logging, remote diagnostics) and deliver security product spec that includes requirements, design specifications and test plans for the software, and build integration teams.
- Support the Threat Analysis and Risk Assessment (TARA) for the Firmware team
- Perform, review and prioritize remediation of vulnerabilities in the Firmware environment including Infrastructure, third party libraries within an embedded software environment
- Analyze cybersecurity attack entry points and evaluate risk versus impact, and then work with the software team to implement cybersecurity requirements as well as evaluate test and software analysis reports.
- Perform competitive analysis and maintain knowledge of emerging security technologies in both the automotive and consumer electronics field.
- BS / MS in Computer Science or similar degree with 5+ years of relevant experience, technical cybersecurity expertise, and knowledge.
- Experience designing secure networks, systems, and application architectures.
- Experience planning and developing security policies, procedures, and standards.
- Broad comparative understanding of operating systems, networking technologies, and specific implementations - especially from a computer security perspective.
- Working knowledge of public key infrastructure (PKI) in medium to large environments to include key management, digital certificates, and digital signatures, across server and device certificates
- Working knowledge of managing and maintaining encryption cipher suites and impacts of different certificate standards
- Familiarity with standards like ISO 27001, SSAE 16 / 18 SOC 2,
- Intimate knowledge of CIS Benchmarks for Cloud providers, container technologies and key services
- Ability to work in a fast-paced and agile development environment.
- Experience with cloud computing and security including GCP, Azure, AWS, Cloud Foundry or equivalent.
- Familiarity with secure coding practices, processes, and methods
- Experience working with Cloud Posture Assessments, Container Security
- Experience with penetration testing and penetration tools.
- Strong customer focus and obsession with quality.
- Add positive energy in every meeting or interaction with your coworkers.
- Strong communication and analytical skills
Equal Employment Opportunity
Sibros is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, color, age, sex, ancestry, marital status, religion, national origin, disability, sexual orientation, veteran status, present or past history of mental disability, genetic information or any other classification protected by state or federal law.