The key accountabilities of this position are:
1. Security standards and best practices:
- Stay up-to-date with the industry security standards and best practices.
- Ensure the very best security practices are followed across our organization.
- Architect new software systems and liaise with project teams and balancing their projects’ needs with privacy-conscious and security-conscious results.
- Ensure security and privacy are considered in every stage of the development life cycle and that security issues are found and fixed as early as possible (SSDLC practices)
- Audit the existing hardware and software.
- Help improve automated security testing and ensure it's integrated with existing build systems.
- Ensure all communication between devices protects the privacy and safety of our customers.
- Develop security solutions that work within the constraints of embedded systems.
2. Ensuring Product standards:
- Deal with common vulnerabilities such as buffer overflows, SQL injections, XSS attacks, and common mitigation techniques.
- Develop knowledge of cryptographic primitives and how to apply them to a variety of challenges from initial device set up, firmware signing and web TLS.
- Work with certifying bodies such as UL to ensure our products meeting standards.
- Work with 3rd party security consultants for security assessments and penetration tests
Role Requirements
- Post-high school degree in Software Engineering or Software security specific discipline
- Certificate(s) on cybersecurity related training a bonus
- Programming proficiency in at least one of the following languages: JavaScript, C, or C++
- Experience developing for embedded environments
- Demonstrated cybersecurity experience
- Experience dealing with certification entities a plus
- Linux system internals; TCP/IP networking, and software engineering fundamentals
- Familiarity with common vulnerabilities such as buffer overflows, SQL injections, XSS attacks, and common mitigation techniques
- Other security flaws detection and resolution
- Working knowledge of cryptographic primitives and how to apply them to variety of challenges from initial device set up, firmware signing and web TLS
- Authentication mechanisms
Sound like you? Send in your resume application today!