We are currently recruiting a Cyber Security Engineer for an industry leader in Pittsburgh. This is a direct hire, permanent role located in Pittsburgh. There IS relocation assistance available for candidates not local to the Pittsburgh Metro Area. This is a hybrid role, requiring 3 days per week in-office and 2 days per week work-from-home. This is a mid-level role, requiring 2 to 5 years experience and the salary is reflective of that level. Due to the nature of the company's work, candidates MUST be "US Persons, defined as Green Card Holders, political asylees or U.S. Citizens".
In this role, you will be part of the company's global Cyber Security team and will participate in driving security solutions for the company's products, with a focus on hardware and embedded systems. You will evaluate products, conduct research and development, conduct code reviews, analyze new security tools and related activities in both lab and production environments.
Responsibilities:
- Threat modeling for hardware and embedded products; identify hardware security requirements and perform penetration testing & risk rating.
- Review the security features and datasheet of various chipsets used in embedded devices and recommend right chipsets for company products.
- Participate in architectural reviews of the hardware designs that impact hardware root of trust, bootloader, secure boot, certificate/key storage etc. on various platforms.
- Setup various tools and perform hardware security testing and propose the mitigation techniques to product development team.
- Automate the hardware testing process including secure boot and secure firmware upgrade functionalities.
- Build tools, scripts, and automation frameworks around security to achieve company -scale impact.
Requirements:
- Bachelors Degree and at least 3 years experience in cyber security, including threat modeling and working with hardware security testing tools. Degree in technical discipline such as Computer Science, Computer Security, Engineering or similar is preferred.
- Good knowledge of hardware security features such as TrustZone, HSM, TPM, secure elements .
- Knowledge of cybersecurity standards and protocols such as IEC 62443, UL2900, IEC15118, SAE21434, PKCS, Matter, EV Charger security such as OCPP etc.
- Experience in writing scripts for tools such as Open OCD with focus on programming languages such as Python or Java..
- Working knowledge of networking fundamentals, network protocols and Access Control/ User Authentication and Identity Management.
Job Type: Full-time
Pay: $85,500.00 - $125,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Paid time off
- Relocation assistance
- Vision insurance
Compensation package:
Experience level:
Schedule:
- Day shift
- Monday to Friday
Application Question(s):
- Do you have a degree in Computer Security, Computer Science, Electrical Engineering, or similar field with emphasis in Cybersecurity?
Education:
Experience:
- cyber threat modeling: 3 years (Required)
- hardware security testing: 3 years (Required)
- scripting with Python or Java: 3 years (Required)
- cyber security standards and protocols like IEC 62443: 4 years (Required)
Ability to Relocate:
- Pittsburgh, PA 15275: Relocate with an employer provided relocation package (Required)
Work Location: Hybrid remote in Pittsburgh, PA 15275