Start: ASAP
Location: Graz or Hamburg, 100% on-site for 6 months
Workload: Full-time
Duration: Long-term project

Responsibilities:

Defining and specifying security requirements for microcontroller-based products
Developing and implementing embedded security concepts
Conducting threat analyses and identifying potential attack scenarios
Designing and managing the implementation of security mechanisms (e.g., Secure Boot, encryption, cryptography, fault injection protection)
Advising R&D teams on selecting suitable security algorithms under system constraints
Supporting development teams with product security levels and hardening
Defining chip-level security concepts and protection strategies for cryptographic implementations
Creating and maintaining security documentation
Ensuring compliance with security requirements throughout the entire product lifecycle

Qualifications:

Extensive Understanding of embedded security and microcontroller architectures

Experience in implementing and securing security mechanisms

Sound knowledge of cryptography and security algorithms

Knowledge of common attack methods on embedded systems (e.g., side-channel, fault injection)

Experience in threat modeling and security risk assessment
Ability to balance security requirements with hardware constraints (memory, performance, cost)
Practical security engineering mindset with a focus on real-world product security
Certifications: Common Criteria, PSA, SESIP (mandatory), EMVCo

‍