Security Engineer - Embedded Software
UL Solutions
- Leiden, Zuid-Holland
- Vast
- Voltijds
- Support the Project Management team on evaluation scoping, resource requirements, certification body and customer expectations.
- Customer code review: due to stringent confidentiality and security requirements, it often requires traveling to customer premises.
- Based on the code review a vulnerability analysis has to be carried out, to determine if the customer product has any potential security weaknesses.
- Perform software penetration testing for evaluation with regards to reverse engineering (static and dynamic), protocol attacks, and developed malicious applications.
- Investigate possible logical attack scenarios. Provide support for the security evaluation engineers in charge of product testing - by interpreting the code review findings, orienting the attack paths and analyzing the test results.
- Formal report writing in line with customer and certification scheme requirements (EMVCo)
- Delivery of customer projects on time.
- Develop sophisticated, state-of-the-art attacks with tools and scripts by maintaining a high level of expertise in the latest attack methods against embedded products.
- Maintains/improves technical knowledge by attending educational workshops, reviewing professional publications, obtaining applicable certifications and participating in professional societies and cross-departmental task forces.
- Contribute to internal work processes by improving tools to evaluate efficiency, report writing and technical training.
- Experience in Java development (including VM and API) on device side such as card (Payment, UICC) or smart phones.
- Familiar with GlobalPlatform Card Specification.
- Experience in payment application development with Java language and development applications.