AI Security Engineer strengthening the security of AI/ML pipelines and compliance at fintech company. Collaborating with data scientists and engineers to implement security controls across infrastructure.
About the role
- Senior Offensive Security Engineer at Openchip, focusing on software security assessments and vulnerability testing. Working collaboratively to improve security across various technology stacks.
Responsibilities
- Identify Vulnerabilities: Discover security flaws before they can be exploited, using offensive security techniques across the full software and firmware stack.
- Threat Modeling: Development of comprehensive threat models covering all targeted usages and deployments of Open chip SW Stack.
- Security Documentation: create and maintain high-quality security guidance documentation, including best practices, design recommendations, and threat mitigation strategies.
- Security Standards Compliance: Drive the alignment of OpenChip products with industry-recognized security standards (e.g., FIPS 140-3, NIST SP 800-193, ISO/IEC 27001).
- Advanced Security Research, Conduct deep technical investigations in areas such as:
- - Microarchitectural security (e.g., side-channel attacks)
- - Cryptographic weaknesses
- - Fuzzing and reverse engineering
- - Code and architecture-level security reviews
- - Logic and memory vulnerabilities (e.g., kernel/firmware privilege escalation)
- Interact with colleagues across projects to unblock issues, or to reach consensus on technical topics.
- Collaborate with colleagues through code reviews, bug triaging, design documents,...
- Contribute to shared team responsibilities (CI failure triaging, documentation, code fixits, rotations...).
- Work with validation teams on required test cases, coverage, and methodologies to ensure robust security verification.
- Work with support Quality team by delivering security guidelines and best practices for implementing a secure development lifecycle (SDL).
- Work with hardware teams, providing requirements for security and influencing hardware/software co-design.
Requirements
- Bachelor or Master's degree in a relevant field
- Experience in the relevant field (5-10yr)
- Experience with standard tools for source control (git), continuous integration, task management (Jira)
- Solid knowledge about computer architecture (CPU, cache and memory hierarchy, buses,...)
- Knowledge about at least two of the following areas:
- - Microarchitectural security(side channel attacks, fault injection)
- - Platform security features (kernel/firmware hardening, CHERI, CFI, pointer tagging, virtualization-based security, IOMMU)
- - Cryptograpy usage across networks (certificates, signatures, TLS/SSL, PK, remote attestation)
- - Boot integrity technologies (UEFI Secure Boot, measured boot, TPM)
- - Cryptography, including experience with cryptography libraries (OpenSSL, libssl, wolfssl, mbedtls, libsodium)
Benefits
- A collaborative, innovation-driven environment with significant autonomy and ownership
- Hybrid work model with flexible scheduling
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Security Guard maintaining a safe environment at Greenwich House, overseeing access control and patrol responsibilities in New York City facilities.
Field Supervisor ensuring efficient security operations for United Security at client locations. Conducting inspections, providing leadership and maintaining compliance with protocols.
Managing Consultant driving cyber resilience improvements for critical national infrastructure, with a focus on regulatory frameworks. Leading client engagements and enhancing operational safety and uptime.
Security Engineer Intern at Snap Inc. Developing security projects and enhancing security posture with meaningful contributions during a 13 - week internship.
Director leading cybersecurity engineering initiatives to protect sensitive data. Collaborating across teams at global fintech leader Fiserv.
Security Manager responsible for overseeing risk - based security program and compliance. Leading team and collaborating with stakeholders for cybersecurity in Indonesia.
OT Cybersecurity Consulting Director at Marsh leading cyber risk assessments and consulting projects across Canada and other regions. Requires strong technical knowledge and client relationship building.
Senior Cyber Security Consultant delivering high - impact cybersecurity solutions to clients in various industries in Montreal. Collaborating closely with project managers and guiding junior consultants.
Consultant technique pour Microsoft 365 Security à Ingram Micro, impliqué dans le support avant - vente et le déploiement des solutions cloud Microsoft.