DevSecOps Engineer - Threat Detection

Key Responsibilities : Security & Compliance : - Strong knowledge of security best practices in hardware and embedded systems. - Experience with firmware security, secure boot, and TPM (Trusted Platform Module). - Proficiency in threat modelling and risk assessment for hardware-based environments. - Understanding of Zero Trust Architecture (ZTA) and network segmentation for IoT and embedded systems. - Experience with secure coding practices for low-level programming (C/C++, Rust). - Knowledge of security frameworks such as NIST, ISO 27001, CIS Benchmarks, and OWASP Firmware Security. - Experience with HSM (Hardware Security Modules), cryptographic libraries (OpenSSL, BoringSSL), and secure key management. 2. Infrastructure & Automation : - Strong experience with Infrastructure as Code (IaC) tools like Terraform, Ansible, and CloudFormation. - Hands-on experience with CI/CD pipelines (Jenkins, GitLab CI/CD, GitHub Actions, ArgoCD) for firmware and embedded software releases. - Knowledge of automated security testing tools (e.g., SAST, DAST, fuzzing tools for firmware). - Experience with container security (Docker security, Kubernetes security best practices). - Proficiency in log management & SIEM (Splunk, ELK Stack, Graylog). 3. Hardware & Embedded Systems Security : - Understanding of hardware attack vectors (e.g., side-channel attacks, JTAG debugging vulnerabilities, bootloader exploits). - Experience with reverse engineering hardware and firmware analysis using tools like Ghidra, IDA Pro, or Radare2. - Knowledge of secure firmware development (e.g., Yocto, Buildroot, UEFI security). - Familiarity with embedded OS security (e.g., Linux, RTOS, QNX, FreeRTOS). - Hands-on experience with chipset security (ARM TrustZone, Intel SGX, AMD SEV). 4. Networking & Cloud Security - Strong understanding of network protocols (TCP/IP, MQTT, CoAP) and their security implications for embedded devices. - Experience with VPNs, TLS, and IPSec for securing hardware communications. - Knowledge of cloud security for IoT platforms (AWS IoT, Azure IoT Hub, Google IoT Core). - Familiarity with IoT security frameworks (e.g., ETSI EN 303 645, IoT Security Foundation). 5. Monitoring, Incident Response & Forensics - Experience with SIEM tools for real-time threat detection in hardware environments. - Knowledge of endpoint detection and response (EDR) solutions for embedded devices. - Familiarity with memory forensics and firmware anomaly detection. - Experience conducting post-mortem security analysis after breaches in IoT/hardware products. 6. Programming & Scripting - Proficiency in scripting for automation and security hardening (Python, Bash, PowerShell). - Strong knowledge of C/C++ and Rust for firmware security audits and patching vulnerabilities. - Experience with kernel debugging tools (GDB, LLDB) and debugging secure boot issues. 7. Compliance & Regulatory Knowledge - Familiarity with hardware security standards (e.g., FIPS 140-2/140-3, Common Criteria, TCG standards). - Experience with GDPR, HIPAA, and CCPA compliance for data security in embedded systems. - Understanding of safety-critical certifications (e.g., ISO 26262 for automotive, IEC 62443 for industrial IoT). (ref:hirist.tech)

Location: bangalore, IN

Posted Date: 5/2/2025