Security Architect
Role details
Job location
Tech stack
Job description
-
Define security requirements and checklist for IoT platforms.
-
Champion the Client's product security SDLC. This includes threat modeling, security testing, penetration testing, security code reviews, and secure design/architecture reviews, and identifying and fixing vulnerabilities in software and applications.
-
Perform vulnerability research, assessment and management, serve as technical security/risk advisor on all new technology/developed by the Client.
-
Provide architectural guidance and leadership on best practices regarding security in software development, IoT platform, mobile application, user interface design frameworks, high performance messaging solutions, server-side development, integrations and tools and technologies.
-
Work across SW/HW engineering, production, and operations teams and ODM/OEM to identify component and system level security risks, determine technical security controls to mitigate risks, prioritize and schedule controls with product development timelines.
-
Work with corporate security governance team to comply with internal SLA and policies.
-
Mentor junior Security Engineers.
-
Maintain knowledge of current and emerging technologies / products / trends related to security architectural solutions.
Requirements
-
12+ years of experience in security research, product security, and/or software engineering.
-
Demonstrated expertise in cryptographic algorithms and protocols.
-
Demonstrated expertise in network protocols.
-
Demonstrated expertise in end-to-end software architecture.
-
Proficiency in programming languages - Java, C/C++.
-
Proficiency in Secure Boot and Trusted Execution Environment (TEE).
-
Ability to present complex security topics to wide range of internal and internal audiences (engineers to executives).
-
Strong project planning and execution skills.
-
Excellent written & oral communication skills and coordination with peers, end-users, and management.
-
Good analytical and debugging skills; creative ability, good organizational skills.
Preferred:
-
CISSP or equivalent certification.
-
Proficiency in audio and video streaming protocols.