Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Product Security

Good to have skills :

NA

Minimum

5

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars security We are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts. Roles & Responsibilities: . Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments. . Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces. . Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components. . Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols. . Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses. . Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware. . Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware. . Perform hardware penetration testing to identify vulnerabilities in electronic systems. . Assess the security of medical devices, ensuring compliance with industry regulations and standards. . Identify and address security risks associated with healthcare information systems and connected medical instruments. . Evaluate and prioritize security risks based on potential impact and likelihood. . Provide recommendations and collaborate with cross-functional teams to implement effective security controls. . Stay current with emerging security threats, vulnerabilities, and testing methodologies. . Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle. . Document security testing processes, findings, and remediation recommendations. . Generate comprehensive reports for stakeholders, including technical details and actionable insights. Professional & Technical Skills: . Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. . Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability. . Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling. . Ability to manage multiple tasks and deadlines. . Hands on experience with penetration testing tools and methodologies. . Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments. . Knowledge of secure coding practices and the ability to review code for security vulnerabilities. . Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines. . Experience with threat modeling and risk assessment frameworks. . Familiarity with secure development practices for embedded systems. . Understanding of regulatory requirements for medical device security. . Strong understanding of networking protocols, encryption, and authentication mechanisms. Additional Information: . Bachelors or master's degree in engineering or computer science, Information Security, or a related field. . Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP). - 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security. - This position is based at our Bengaluru office - A 15 years full time education is required.




15 years full time education