Senior Security Engineer

Senior Security Engineer – Professional Experience

Senior Security Engineer

Roles & Responsibilities:

• Led the design and review of security architectures for connected and embedded systems, ensuring secure integration across embedded controllers, cloud platforms, and mobile applications.
• Defined cybersecurity requirements and security controls for next-generation IoT and autonomous systems to mitigate evolving cyber threats.
• Designed and implemented cryptographic security solutions, including secure boot, firmware signing, encryption, authentication, and secure communication protocols.
• Architected and managed Public Key Infrastructure (PKI) solutions, including certificate lifecycle management, key provisioning, rotation, storage, and protection mechanisms.
• Developed Python-based backend services and security automation tools to support device identity management, telemetry security, and cloud integration.
• Collaborated with embedded software, hardware, and cloud engineering teams to integrate security controls throughout the software development lifecycle.
• Designed key management frameworks and access control mechanisms for resource-constrained embedded environments.
• Conducted security assessments, threat modeling, risk analysis, and vulnerability reviews for embedded products and connected vehicle ecosystems.
• Implemented Linux-based security hardening, secure configurations, patch management, and monitoring controls across development and production environments.
• Developed and integrated AWS-native security solutions leveraging cloud services for secure device connectivity, data protection, and identity management.
• Established secure DevOps practices, including CI/CD security controls, automated security testing, code scanning, and compliance validation.
• Worked with engineering teams to ensure compliance with industry cybersecurity standards, security policies, and regulatory requirements.
• Supported incident response activities, root cause analysis, and remediation of security vulnerabilities across embedded and cloud platforms.
• Guided engineering teams on secure coding practices, cryptographic implementation, and security architecture best practices.
• Collaborated with cross-functional stakeholders to define security roadmaps and drive the adoption of security-by-design principles across multiple product lines.

Environment: Python, Linux, AWS, PKI, Cryptography, Embedded Systems, IoT Security, Secure Boot, TLS, Certificate Management, Key Management Systems (KMS), DevOps, CI/CD, REST APIs, Cloud Security, Threat Modeling, Vulnerability Management, Secure Software Development Lifecycle (SSDLC), Access Control, Authentication & Authorization.

Minimum skills required

8+ years of full-stack software development experience, including Python-based backend services
Experience with Linux distributions
Experience in the application of cryptographic security controls for embedded systems
Bachelors degree in Computer Science, Computer Engineering, or Software Engineering or experience that would be equivalent.
 

What makes you stand out

Experience in the development of IoT devices
PKI experience, including certificate lifecycle management and key protection
Experience in a DevOps role
Experience developing AWS-native applications

JC - R7