Title: Security Architect
Location:San Jose, CA
Duration: 6-9 Months Contract to Hire
Define security requirements and checklist for IoT platforms.
Champion the Clients product security SDLC. This includes threat modeling, security testing, penetration testing, security code reviews, and secure design/architecture reviews, and identifying and fixing vulnerabilities in software and applications.
Perform vulnerability research, assessment and management, serve as technical security/risk advisor on all new technology/developed by the Client.
Provide architectural guidance and leadership on best practices regarding security in software development, IoT platform, mobile application, user interface design frameworks, high performance messaging solutions, server-side development, integrations and tools and technologies.
Work across SW/HW engineering, production, and operations teams and ODM/OEM to identify component and system level security risks, determine technical security controls to mitigate risks, prioritize and schedule controls with product development timelines.
Work with corporate security governance team to comply with internal SLA and policies.
Mentor junior Security Engineers.
Maintain knowledge of current and emerging technologies / products / trends related to security architectural solutions.
12+ years of experience in security research, product security, and/or software engineering.
Demonstrated expertise in cryptographic algorithms and protocols.
Demonstrated expertise in network protocols.
Demonstrated expertise in end-to-end software architecture.
Proficiency in programming languages - Java, C/C++.
Proficiency in Secure Boot and Trusted Execution Environment (TEE).
Ability to present complex security topics to wide range of internal and internal audiences (engineers to executives).
Strong project planning and execution skills.
Excellent written & oral communication skills and coordination with peers, end-users, and management.
Good analytical and debugging skills; creative ability, good organizational skills.
CISSP or equivalent certification.
Proficiency in audio and video streaming protocols.
Two95 International Inc.