DISCOVER OUR EXPERTISE
Senior Security Analyst – Embedded Systems / JavaCard
- Posted 03 May 2023
- Salary £120 - £140k p/annum
- LocationLondon
- Job type Permanent
- DisciplineSoftware Engineering
- Contact NameRobbert Pauli
Job description
We are looking for a Senior Security Analyst to join the team of our client and help evaluate the security of embedded products, such as payment cards, mobile devices, payment terminals or e-Passports. As a Senior Security Analyst, you will be responsible for analyzing embedded applications like products under evaluation, developing and executing high-level penetration tests, supporting and training engineers for evaluation projects, and ensuring the security of software applications.
Responsibilities:
Collaborate with the Project Management team on evaluation scoping, resource requirements, certification body and customer expectations.
Conduct customer code review, which may require traveling to customer premises due to stringent confidentiality and security requirements.\
Perform vulnerability analysis based on the code review to determine potential security weaknesses in the customer product.
Conduct software penetration testing for evaluation, including reverse engineering (static and dynamic), protocol attacks, and developed malicious applications.
Investigate possible logical attack scenarios and provide support for the security evaluation engineers in charge of product testing.\
Write formal reports in line with customer and certification scheme requirements.
Ensure timely delivery of customer projects.
Develop sophisticated, state-of-the-art attacks with tools and scripts by staying up-to-date with the latest attack methods against embedded products.
Maintain and improve technical knowledge by attending educational workshops, reviewing professional publications, obtaining applicable certifications, and participating in professional societies and cross-departmental task forces.
Contribute to internal work processes by improving tools to evaluate efficiency, report writing, and technical training.
Qualifications:
Experience in Java development (including VM and API) on device side such as card (Payment, UICC) or smartphones.
Familiarity with GlobalPlatform Card Specification.
Experience in payment application development with Java language and development applications.
If you have a passion for security and a strong background in embedded systems and JavaCard, we encourage you to apply for this exciting opportunity.