IT - Security & Resilience Chief Engineer focusing on SIEM at LBBW, leading complex security projects and enhancing IT security architecture across the bank.
About the role
- Identify Vulnerabilities: Discover security flaws before they can be exploited, using offensive security techniques across the full software and firmware stack.
- Threat Modeling: Development of comprehensive threat models covering all targeted usages and deployments of Open chip SW Stack.
- Security Documentation: create and maintain high-quality security guidance documentation, including best practices, design recommendations, and threat mitigation strategies.
- Security Standards Compliance: Drive the alignment of OpenChip products with industry-recognized security standards (e.g., FIPS 140-3, NIST SP 800-193, ISO/IEC 27001).
- Advanced Security Research, Conduct deep technical investigations in areas such as:
- - Microarchitectural security (e.g., side-channel attacks)
- - Cryptographic weaknesses
- - Fuzzing and reverse engineering
- - Code and architecture-level security reviews
- - Logic and memory vulnerabilities (e.g., kernel/firmware privilege escalation)
- Interact with colleagues across projects to unblock issues, or to reach consensus on technical topics.
- Collaborate with colleagues through code reviews, bug triaging, design documents,...
- Contribute to shared team responsibilities (CI failure triaging, documentation, code fixits, rotations...).
- Work with validation teams on required test cases, coverage, and methodologies to ensure robust security verification.
- Work with support Quality team by delivering security guidelines and best practices for implementing a secure development lifecycle (SDL).
- Work with hardware teams, providing requirements for security and influencing hardware/software co-design.
Requirements
- Bachelor or Master's degree in a relevant field
- Experience in the relevant field (5-10yr)
- Experience with standard tools for source control (git), continuous integration, task management (Jira)
- Solid knowledge about computer architecture (CPU, cache and memory hierarchy, buses,...)
- Knowledge about at least two of the following areas:
- - Microarchitectural security(side channel attacks, fault injection)
- - Platform security features (kernel/firmware hardening, CHERI, CFI, pointer tagging, virtualization-based security, IOMMU)
- - Cryptograpy usage across networks (certificates, signatures, TLS/SSL, PK, remote attestation)
- - Boot integrity technologies (UEFI Secure Boot, measured boot, TPM)
- - Cryptography, including experience with cryptography libraries (OpenSSL, libssl, wolfssl, mbedtls, libsodium)
Benefits
- A collaborative, innovation-driven environment with significant autonomy and ownership
- Hybrid work model with flexible scheduling
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Engineering Manager leading production technology and IT security department at Uniper in Landshut. Responsible for project management and technological advancement in power generation.
RC
RailWorks CorporationProtection Foreman, Railway Safety Personnel – Bilingual
Contremaître protecteur supervisant des équipes sur des propriétés ferroviaires actives. Organiser les séances d'information et garantir la sécurité et l'efficacité des travaux en utilisant les règles d'exploitation ferroviaire.
Life and health insurance financial security advisor serving clients by providing advice and maintaining business relationships. Focused on sales of insurance products and services based on client needs.
Senior Defensive Security Advisor at Desjardins identifying and mitigating threats across systems and networks. Leading complex initiatives and collaborating with stakeholders for effective security posture.
CE
Care New EnglandDirector, Security
Director of Security overseeing all safety and security operations for Women & Infants Hospital. Responsible for deterring crime, protecting premises, and managing transport services.
Responsable Pôle Sécurité Médiation Fraude managing security operations for public transport services in Metz. Ensuring safety and compliance while optimizing fraud prevention strategies.
RB
Cyber Security Engineer at Regions focusing on cloud and infrastructure security. Designs and implements cybersecurity solutions while providing technical support and guidance.
CA
Capital.comIAM Security Engineer
IAM Security Engineer focusing on identity and access management automation in a dynamic digital assets company. Contributing to scaling IAM infrastructure through automated solutions and secure user lifecycle management.
FC
Ford Motor CompanySecurity Systems Data Integration Specialist
Data Analyst joining Ford's team to focus on security technologies and data integration. Responsible for improving data operations across global infrastructure and complex requests.