Security Engineer - Firmware
San Jose, CA
Applications have closed
Sibros
Sibros' connected vehicle platform enables automakers with full lifecycle OTA software updates, data logging, remote diagnostics, and more.Sibros accelerates product development by providing industry scale infrastructure including secure automotive and energy cloud solutions, embedded software components and vehicle controllers. Our world-class team hails from companies like Tesla, Google, Faraday Future and Lockheed Martin. You will get a chance to work with a team of deeply knowledgeable engineers working on creating version 2.0 of the automotive industry!
About the Role- Assist in defining security roadmap for all our products (OTA, logging, remote diagnostics) and deliver security product spec that includes requirements, design specifications and test plans for the software, and build integration teams.
- Support the Threat Analysis and Risk Assessment (TARA) for the Firmware team
- Perform, review and prioritize remediation of vulnerabilities in the Firmware environment including Infrastructure, third party libraries within an embedded software environment
- Analyze cybersecurity attack entry points and evaluate risk versus impact, and then work with the software team to implement cybersecurity requirements as well as evaluate test and software analysis reports.
- Perform competitive analysis and maintain knowledge of emerging security technologies in both the automotive and consumer electronics field.
- BS / MS in Computer Science or similar degree with 5+ years of relevant experience, technical cybersecurity expertise, and knowledge.
- Experience designing secure networks, systems, and application architectures.
- Experience planning and developing security policies, procedures, and standards.
- Broad comparative understanding of operating systems, networking technologies, and specific implementations - especially from a computer security perspective.
- Working knowledge of public key infrastructure (PKI) in medium to large environments to include key management, digital certificates, and digital signatures, across server and device certificates
- Working knowledge of managing and maintaining encryption cipher suites and impacts of different certificate standards
- Familiarity with standards like ISO 27001, SSAE 16 / 18 SOC 2,
- Intimate knowledge of CIS Benchmarks for Cloud providers, container technologies and key services
- Ability to work in a fast-paced and agile development environment.
- Experience with cloud computing and security including GCP, Azure, AWS, Cloud Foundry or equivalent.
- Familiarity with secure coding practices, processes, and methods
- Experience working with Cloud Posture Assessments, Container Security
- Experience with penetration testing and penetration tools.
- Strong customer focus and obsession with quality.
- Add positive energy in every meeting or interaction with your coworkers.
- Strong communication and analytical skills
Sibros is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, color, age, sex, ancestry, marital status, religion, national origin, disability, sexual orientation, veteran status, present or past history of mental disability, genetic information or any other classification protected by state or federal law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile AWS Azure Cloud Computer Science Encryption GCP ISO 27001 Pentesting PKI Risk assessment SOC SOC 2 Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs