Do you like analyzing complex security issues?
This security lab is an ambitious organization specializing in embedded security testing for leading international clients from the semiconductor, payment, Pay TV, mobile and smart metering industry. They have engaging projects, an open office environment, and they are looking for self-motivated individuals who would like to carve out their niche in our growing company. If you like to use different techniques for instance source code review, software reverse engineering and exploitation, then we are looking for you. You will work mainly for Mobile Security Assessments in the payments market, but hardware projects or any other type of project may come your way if your are up for it.
What is my role as Software Security Analyst
- The organization evaluates the security of products that use embedded and smart card technologies, usually in teams of 2-4 security analysts. The main activities of the evaluation process include analyzing threats and weaknesses by taking apart a device’s specifications, code or hardware, and then developing the necessary tools to attack the security. Results of this go into a report, and we give recommendations for solving these problems.
- In addition to evaluation work they carry out other projects, including consultancy work, research, tool development, and training. As a state-of-the-art lab, their internal research and development process is a necessity to remain competitive. They record the knowledge they gain during their projects in the knowledge database to ensure it is preserved and shared within the organization.
- Work is mainly done at the office in Delft. Parts of a project may require working at the customer’s premises. Depending on the type of assignment and your level of experience you are in regular contact with a customer’s technical liaison during a project. All communication with our customers is done in English.
What skills do I need as Software Security Analyst
- You have successfully completed an academic course in Information Technology or Electrical Engineering.
- You have 1 to 5 year’s work experience:
- You have a good understanding of mobile security, low-level computer architecture, security concepts, embedded system architecture, OS internals, Trusted Execution Environments, cryptographic algorithms and protocols, white box crypto;
- You have experience with reverse engineering of binary code, ARM assembly and the programming languages C/C++, and Java.
- You have experience with exploitation of software vulnerabilities;
- You have experience with finding vulnerabilities in source code of binaries through manual review;
- with mobile security for IOS and Android, It would be a bonus when you have experience with developing mobile applications or have experience in the payment market.
- You have a creative mind with an eye for detail, and you like to make sure we use the right methods and equipment to detect security issues.
- You have a good command of the English language, both verbally and written.
- You have good social skills and you are a pleasant co-worker who likes to collaborate in a multidisciplinary team of security specialists.
- You are flexible, and you enjoy travelling to customers in Europe, North America, or Asia every now and then.