Duties and Responsibilities:
- Design end-to-end security frameworks for IoT devices, gateways, and backend infrastructure.
- Secure firmware, boot processes, and hardware interfaces (e.g., JTAG, UART).
- Implement secure communication protocols such as TLS, MQTT, and CoAP.
- Assess vulnerabilities in embedded systems and perform firmware analysis or reverse engineering.
- Monitor IoT networks for anomalous behavior, device spoofing, and command injection.
- Work with product engineers to embed security into the device lifecycle (development to decommissioning).
- Ensure compliance with standards like IEC 62443, NIST IR 8259, or GDPR for IoT.
Requirements and Qualifications:
- Bachelor’s in Electrical Engineering, Cybersecurity, or related field.
- Experience with embedded systems, real-time OS, and microcontroller architectures.
- Proficiency in threat modeling and secure software development for constrained devices.
- Familiarity with OTA update security, PKI infrastructure, and device identity.
- Tools knowledge: Shodan, Wireshark, Ghidra, Binwalk.
- Certifications such as CISSP, GIAC GICSP, or OSCP are a plus.