Responsible for the holistic system security end to end (Cloud application, edge devices, Mobile Apps) in terms of Encryption, Key Management, Network Design, Web-Services, Secure Coding Best Practices. Architecture and design, Identity and Access Management and general Security controls.
Verification of implemented security concepts
Collaborate with diverse technology teams to design and implement sound security architecture.
Develop and document security policies, procedures and guidelines in line with ISO 270017/18 requirements.
Provide departmental, individual and group training regarding security topics and skills.
Select vendors, define, organise and supervise periodical penetration tests.
Identification of attack vectors and risk management
Bachelor’s/Master’s degree in Computer Science, IS, Engineering or similar field required. MSc in Software and System Security or similar is an asset
4+ years’ experience in end to end IoT/Cloud security
Experience in developing security solutions for one or more cloud platforms
Understanding of wireless security, including BLE, Zigbee
Software development experience with strong security skills in DevOps Practices, such as IAC (Infrastructure as Code) and CI/CD knowledge
AWS services knowledge (Lambda, API Gateway, Cognito and more)
Solid understanding of Linux and associated tools like ssh, openssl, etc.
Solid understanding of cryptography concepts, like RSA, AES, ECC, etc.
Understanding of IoT-specific security protocols like MQTTS, embedded TLS, etc.
Knowledge of best Practices in security-oriented coding, especially nodejs
Understand identity concepts – SAML, JWT, Oauth etc.