Senior Security Analyst – Embedded Systems / JavaCard

Posted 03 May 2023
Salary £120 - £140k p/annum
LocationLondon
Job type Permanent
Discipline Software Engineering

Job description

​We are looking for a Senior Security Analyst to join the team of our client and help evaluate the security of embedded products, such as payment cards, mobile devices, payment terminals or e-Passports. As a Senior Security Analyst, you will be responsible for analyzing embedded applications like products under evaluation, developing and executing high-level penetration tests, supporting and training engineers for evaluation projects, and ensuring the security of software applications.

Responsibilities:

  • Collaborate with the Project Management team on evaluation scoping, resource requirements, certification body and customer expectations.

  • Conduct customer code review, which may require traveling to customer premises due to stringent confidentiality and security requirements.\

  • Perform vulnerability analysis based on the code review to determine potential security weaknesses in the customer product.

  • Conduct software penetration testing for evaluation, including reverse engineering (static and dynamic), protocol attacks, and developed malicious applications.

  • Investigate possible logical attack scenarios and provide support for the security evaluation engineers in charge of product testing.\

  • Write formal reports in line with customer and certification scheme requirements.

  • Ensure timely delivery of customer projects.

  • Develop sophisticated, state-of-the-art attacks with tools and scripts by staying up-to-date with the latest attack methods against embedded products.

  • Maintain and improve technical knowledge by attending educational workshops, reviewing professional publications, obtaining applicable certifications, and participating in professional societies and cross-departmental task forces.

  • Contribute to internal work processes by improving tools to evaluate efficiency, report writing, and technical training.

Qualifications:

  • Experience in Java development (including VM and API) on device side such as card (Payment, UICC) or smartphones.

  • Familiarity with GlobalPlatform Card Specification.

  • Experience in payment application development with Java language and development applications.

If you have a passion for security and a strong background in embedded systems and JavaCard, we encourage you to apply for this exciting opportunity.