Advanced Embedded Security Engineer

The Advanced Engineer Security, as an integral part of the Advanced Data Capture (ADC) product security team, is responsible to ensure that a Secure Development Lifecycle (SDLC) is defined, applied, followed and maintained across all ADC product development in compliance with corporate cyber security policies procedures and initiatives.

The role requires designing, developing, and supporting a wide range of security controls, and software components in a variety of operating systems such as embedded, Windows, Linux, Android, and IOS. The software components may include application, middleware, firmware or web services across all ADC products.

The role also requires documenting and communicating security processes policies and procedures to the development team and to all other stakeholders on a regular basis.

Location- Role is required to be onsite in the Holtsville, NY office. (Hybrid- Minimum of 3 days in the office per week).*

• Define product security framework, policies, processes, & procedures.
• Working with embedded devices doing firmware development.
• Facilitate and lead BU security efforts by participating in daily agile stand-ups and drive security best practices across the business unit. Partner with scrum teams for secure software solution architecture.
• Support quarterly SAMM self-assessments (set goals, report status, support audits.
• Seek ways to apply new security technology to and reuse existing security technology in support of BU's business strategy.
• Perform threat analysis and risk assessments.
• Design security controls, monitoring, and scanning tools.
• Support and guide engineering with the Secure Development Lifecycle (SDLC) workflow across ALL products.
• Compile and approve the security checklist for release of milestones.
• Support penetration testing efforts.
• Manage incident responses
• Assist in the development and review of product security documents.
• Deliver Security DevOps with different scrum teams and plan user stories for sprints while addressing requirements and orchestrating security impact.
• Develop and maintain best practices for deploying desktop, native, web and service-based applications in Linux, Windows and other environments.

• Bachelor's degree required
• 8+ years of experience
• Verifiable years of experience in enterprise software security
• Performing threat analysis and risk assessments
• Designing and developing security controls
• Vulnerability Management experience, * Proven experience in product security for embedded systems, consumer electronics, or IoT devices
• Full stack software security, Information Security, DevSecOps Certifications, Cloud Security, CISSP certification
• Vulnerability management tool experience
• Security standards compliance and regulations
• Cloud security experience
• Penetration testing experience
• Experience in SAMM or BSIMM.
• Cryptographic standards understanding/knowledge
• Incident response experience
• Disaster Recovery Planning and implementation experience
• Effective verbal and written communication skills

Location- Role is required to be onsite in Holtsville, NY office (Hybrid- Minimum of 3 days in the office per week).*

$122,800.00 - $184,200.00 Annual

Incentive Compensation:

In addition to base pay, Zebra offers this role the opportunity to earn a performance-based annual cash incentive, at a target equal to 12% of base pay, in accordance with the terms of the applicable incentive plan.

Zebra Total Rewards:

Zebra Total Rewards includes more than just pay and is structured to meet the needs of our changing global business and evolving talent. We are committed to providing our employees with a benefits program that is comprehensive and competitive - including healthcare, wellness, inclusion networks, and continued learning and development offerings. We offer community service days, in addition to the traditional insurances, compensation, parental leave, employee assistance program and paid time off offerings depending on the country where you work.

Salary offered will vary depending on your location, job-related skills, knowledge, and experience.

Additionally, all Zebra roles are eligible for cash incentive programs. For example, sales roles have additional opportunity to earn substantial variable compensation tied to quota achievement. In most other roles, the Zebra annual cash incentive program links Company and individual performance together. Some roles may also be eligible for long-term incentive equity awards., We understand the importance of work-life balance and wellbeing, which is why we offer flexibility for our teams including: hybrid work, adaptable hours, Summer Flex Fridays, Focus Fridays, and an annual companywide well-being day to promote revitalization and success.