Cybersecurity

Employer
Ohm Systems, Inc
Location
Pittsburgh, Pennsylvania
Posted
Jun 19, 2024
Closes
Jun 24, 2024
Ref
2778839419
Discipline
Other
Position Type
Other
Hours
Full Time
Organization Type
Corporate
In this role
  • Perform Hardware and Embedded product threat modeling, identify hardware security requirements, and perform pen testing & risk rating.
  • Review the security features and datasheet of various chipsets used in the residential and industrial embedded devices and recommend the right chipsets for our products.
  • Take part in architectural reviews of the hardware designs that impact the hardware root of trust, bootloader, secure boot, certificate/key storage, etc. on various platforms.
  • Setup various tools and perform Hardware security testing and propose the mitigation techniques to the product development team.
  • Automate the hardware testing process including secure boot and secure firmware upgrade functionalities.
  • Building tools, scripts, and automation frameworks around security to achieve Eaton-scale impact.

Basic (REQUIRED) Qualifications
  • Bachelor's degree in Computer Security or Computer Science, Electrical Engineering or similar fields with emphasis in Cybersecurity
  • At least 4 years of experience in threat modeling and working with hardware security testing tools
  • Good knowledge of hardware security features such as TrustZone, HSM, TPM, secure elements etc.
  • Knowledge of cybersecurity standards and protocols such as IEC 62443, UL2900, IEC15118, SAE21434, PKCS, Matter, EV Charger security such as OCPP, etc.
  • Experience in writing scripts for tools such as Open OCD with focus on any programming languages such as Python, Java.
  • Working knowledge of networking fundamentals, network protocols, and Access Control (i.e. User Authentication and Identity Management).

Preferred Qualifications
  • Understanding of hardware supplier risk rating methodologies; knowledge of hardware attacks such as Side channel attacks, Fault injection attacks.
  • Knowledge of Computer system security technologies, Embedded systems security, Symmetric and Asymmetric cryptography, PKI, X509 certificate generation, PKCS standards etc.

Skills
  • Ability to understand technical security concepts in depth and be able to apply those concepts to Eaton products for cybersecurity assessments.
  • Strong verbal and written communication skills.