Ohm Systems, Inc
Pittsburgh, Pennsylvania
Jun 19, 2024
Jun 24, 2024
Position Type
Full Time
Organization Type
In this role
  • Perform Hardware and Embedded product threat modeling, identify hardware security requirements, and perform pen testing & risk rating.
  • Review the security features and datasheet of various chipsets used in the residential and industrial embedded devices and recommend the right chipsets for our products.
  • Take part in architectural reviews of the hardware designs that impact the hardware root of trust, bootloader, secure boot, certificate/key storage, etc. on various platforms.
  • Setup various tools and perform Hardware security testing and propose the mitigation techniques to the product development team.
  • Automate the hardware testing process including secure boot and secure firmware upgrade functionalities.
  • Building tools, scripts, and automation frameworks around security to achieve Eaton-scale impact.

Basic (REQUIRED) Qualifications
  • Bachelor's degree in Computer Security or Computer Science, Electrical Engineering or similar fields with emphasis in Cybersecurity
  • At least 4 years of experience in threat modeling and working with hardware security testing tools
  • Good knowledge of hardware security features such as TrustZone, HSM, TPM, secure elements etc.
  • Knowledge of cybersecurity standards and protocols such as IEC 62443, UL2900, IEC15118, SAE21434, PKCS, Matter, EV Charger security such as OCPP, etc.
  • Experience in writing scripts for tools such as Open OCD with focus on any programming languages such as Python, Java.
  • Working knowledge of networking fundamentals, network protocols, and Access Control (i.e. User Authentication and Identity Management).

Preferred Qualifications
  • Understanding of hardware supplier risk rating methodologies; knowledge of hardware attacks such as Side channel attacks, Fault injection attacks.
  • Knowledge of Computer system security technologies, Embedded systems security, Symmetric and Asymmetric cryptography, PKI, X509 certificate generation, PKCS standards etc.

  • Ability to understand technical security concepts in depth and be able to apply those concepts to Eaton products for cybersecurity assessments.
  • Strong verbal and written communication skills.