Embedded Cyber Security Engineer

Randstad
Grand Rapids, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Grand Rapids, United States of America

Tech stack

Software System Penetration Testing
Public-Key Cryptography
Authentication Protocols
Code Review
Computer Security
Digital Signature
Hardware Security Module
Public Key Infrastructure
Secure Coding
Static Application Security Testing
Dynamic Application Security Testing

Job description

We are seeking a high-caliber Senior Product Security Engineer to join our specialized engineering team. In this role, you will act as the primary security architect and "evangelist" for a diverse portfolio of sophisticated embedded systems. You will collaborate directly with cross-functional development teams to lead threat modeling, conduct deep-dive architecture reviews, and validate security designs for mission-critical hardware and software.

The ideal candidate is a security-first engineer who thrives on solving complex vulnerabilities and can mentor development teams in the fine art of secure product lifecycles.

Core Responsibilities

Security Architecture & Design: Analyze complex product architectures to identify vulnerabilities, define threat vectors, and qualitatively assess risk for high-stakes environments.

Tactical Execution: Lead Threat Modeling (STRIDE/PASTA) and Architecture Risk Analysis (ARA) on next-generation embedded products.

Offensive & Defensive Testing: Audit and exploit systems under development to expose weaknesses; demonstrate proof-of-concept fixes to engineering leads.

Mentorship & Coaching: Guide developers in implementing advanced cryptography (PKI, Code Signing, TPM) and secure coding standards.

Lifecycle Management: Manage security requirements from initial concept through regulatory certification and continued airworthiness/reliability.

Vulnerability Response: Lead the analysis and validation of CVE patches and provide rapid response for security incidents reported in the field.

Process Innovation: Drive the adoption of innovative secure-by-design methods across the engineering organization.

Requirements

Education/Experience:
* Bachelor's degree + 5 years of professional experience OR
* Associate degree + 8 years of professional experience OR
* High School Diploma + 10 years of professional experience.

Technical Base: Minimum of 5 years of hands-on experience specifically within embedded systems and applications.

Clearance: Must possess or be eligible to obtain a U.S. Department of Defense (DoD) security clearance.

Work Authorization: Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future.

Travel: Ability to travel up to 5% as required.

Technical Skills & Desired Characteristics

Coding Proficiency: Strong skills in at least one major embedded language

Security Tooling: Experience conducting static/dynamic code reviews (SAST/DAST) and applying penetration testing principles.

Framework Knowledge: Familiarity with high-assurance risk control frameworks (e.g., DO-326A, NIST CSF, NIST 800-53, or DoD RMF).

Hardware Security: Solid understanding of hardware-level security, including Secure Boot, Encryption at rest/transit, and Trusted Platform Modules (TPM).

Applied Cryptography: Deep knowledge of symmetric/asymmetric cryptography, authentication protocols, and digital signatures.

Communication: Proven ability to translate complex security risks into actionable technical requirements for non-security peers.
