Microsoft Security Specialist role at Syntax focused on delivering Microsoft security workshops and advisory engagements. Collaborating on technology implementation while ensuring customer security success.
About the role
- Senior Embedded Software Engineer leading design and certification of a modular cryptographic framework. Contributing to secure aerospace computing at Collins Aerospace.
Responsibilities
- Lead the evaluation and procurement of off-the-shelf cryptographic libraries from external vendors or chipset suppliers, selecting optimal solutions based on performance, compliance and integration ease.
- In case where suitable external cryptographic libraries are unavailable, design and develop custom modular cryptographic components (e.g., AES, SHA-3, ECC or post quantum primitives) adhering to secure coding practices and formal verification and aerospace standards to minimize risks and ensure reusability.
- Direct integration of selected (or custom-developed) libraries into embedded system through development of standardized peripheral drivers compatible with diverse chip vendors (e.g., ARM, Power PC etc.) and common driver services in a modular framework.
- Collaborate with hardware, security, and systems teams to prototype integrations, document APIs/frameworks, make design decisions, prepare usage guidelines and recommend production-scale adaptations.
- Build and test applications leveraging this framework, demonstrating end-to-end hardware security concepts with cryptographic operations like encryption/decryption, digital signature, key management, and authentication in aerospace environments.
- Implement secure boot processes, including firmware validation, chain-of-trust establishment, and hardware root of trust integration.
- Conduct verification and validation testing, including unit/integration testing, security audits and performance benchmarking, to verify interoperability and compliance.
- Conduct security analyses, including side channel attack mitigations (e.g. timing, power analysis) and formal verification of cryptographic implementations.
- Mentor engineers across the embedded development lifecycle, sharing cryptographic best practices, conduct code reviews, and enforce adherence to coding standards e.g., MISRA, CERT guidelines.
- Monitor emerging updates to libraries, standards and aerospace security threats in order to plan roadmap of the project; contribute to patches when required.
- Perform and coordinate dedicated risk assessment for cryptographic integrations and overall security concepts to identify, prioritize, and mitigate vulnerabilities, threats and failure modules in embedded environments.
Requirements
- Bachelor's or Master's degree in Electronics and Communication, Electrical Engineering, Aerospace engineering, Computer Science or a closely related field; advanced degree preferred.
- 5+ years of experience in embedded software development, with at least 2 years focused on cryptographic integration and development.
- Deep proficiency in C/C++ for low level embedded programming; including bare metal, real-time operating systems environments (e.g., VxWorks, FreeRTOS).
- Demonstrated expertise in interfacing with multi-vendor hardware peripheral, such as SPI, I2C, UART, CAN, Ethernet, and cryptographic accelerators on platforms with chipset vendors TI, NXP etc.
- Proven track record integrating commercial crypto libraries and (e.g., mbedTLS, wolfSSL, OpenSSL derivatives) in to embedded systems, with successful deployments in secure applications.
- Experience with implementing cybersecurity controls on hardware platforms e.g., secure boot mechanism including cryptographic firmware signing, secure provisioning, and chain-of-trust validation.
- In depth knowledge of security validation frameworks for embedded systems.
- Excellent analytical and debugging skills, with experience in prototyping development, security validation, and risk assessment in regulated and high-reliability environment.
- Ability to work collaboratively in cross-functional teams, with strong communication skills for technical documentation documentation and stakeholder briefings.
Benefits
- Group Term Life Insurance.
- Group Health Insurance.
- Group Personal Accident Insurance.
- Employee scholar program.
- Work life balance.
- Car lease program.
- National Pension Scheme.
- LTA.
- Fuel & Maintenance /Driver wages.
- Meal vouchers.
- And more!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cybersecurity Specialist developing IT resilience and disaster recovery concepts for a global scale in secure IT services. Collaborating across borders in shaping organizational security standards.
Senior Cybersecurity Scrum Master focusing on release management at AT&T, collaborating across teams and managing production change requests with an Agile mindset.
BISO responsible for planning and executing enterprise - wide information security initiatives at Elsevier. Driving cybersecurity awareness and managing technical risk assessments for organizational improvements.
Develop innovative Cloud architectures on Microsoft Azure platforms. Secure cloud infrastructure and applications against various threats while working in a project team.
Analista Pleno de Segurança Patrimonial na Hershey Brasil, responsável por suporte de segurança física e gestão de serviços de segurança. Atuará em conformidade e gestão de crise em São Roque.
Senior Security Architect managing security architecture for Fitch Group. Leading design and implementation of control sets for emerging technologies.
Regional Information Security Officer managing security protocols and compliance for KARL STORZ. Leading local ISOs and enhancing information security measures across subsidiaries.
CISO managing information security and privacy governance at Puzzel, a leading cloud - based contact center provider in Europe. Engaging with stakeholders for compliance and risk management.
Manager of IT Support & Endpoint Security overseeing service desk operations and endpoint security strategies. Leading a team to deliver high - quality technical support and manage IT security policies.