Product Security

Product Security

Roles & Responsibilities:

. Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.

. Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.

. Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.

. Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.

. Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.

. Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.

. Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.

. Perform hardware penetration testing to identify vulnerabilities in electronic systems.

. Assess the security of medical devices, ensuring compliance with industry regulations and standards.

. Identify and address security risks associated with healthcare information systems and connected medical instruments.

. Evaluate and prioritize security risks based on potential impact and likelihood.

. Provide recommendations and collaborate with cross-functional teams to implement effective security controls.

. Stay current with emerging security threats, vulnerabilities, and testing methodologies.

. Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.

. Document security testing processes, findings, and remediation recommendations.

. Generate comprehensive reports for stakeholders, including technical details and actionable insights.

Professional & Technical Skills:

. Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.

. Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.

. Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.

. Ability to manage multiple tasks and deadlines.

. Hands on experience with penetration testing tools and methodologies.

. Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.

. Knowledge of secure coding practices and the ability to review code for security vulnerabilities.

. Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.

. Experience with threat modeling and risk assessment frameworks.

. Familiarity with secure development practices for embedded systems.

. Understanding of regulatory requirements for medical device security.

. Strong understanding of networking protocols, encryption, and authentication mechanisms.

Additional Information:

. Bachelors or master's degree in engineering or computer science, Information Security, or a related field.

. Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP).

- 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security.

- This position is based at our Bengaluru office

- A 15 years full time education is required.

15 years full time education