Product Security Engineer – IOT, Embedded
Arrow Components
full-time
Posted on:
Location Type: Office
Location: Ahmedabad • India
Visit company websiteExplore more
About the role
- Lead comprehensive architecture reviews and threat modeling assessments
- Analyze device/system architecture for vulnerabilities impacting security
- Define clear test objectives and attack scenarios based on design flaws
- Translate architectural risks into actionable VAPT test cases
- Oversee and guide the development of detailed security risk assessments
- Collaborate with VAPT teams to ensure design vulnerabilities are tested
- Provide mentorship and technical guidance to engineering teams
- Document architectural weaknesses and recommend remediation measures
- Coordinate with compliance teams to ensure design evaluations align with RED 18031
- Develop and maintain comprehensive architecture review documentation
- Conduct periodic reviews and updates of threat models based on emerging risks
- Participate in security workshops and training sessions on secure design
- Evaluate secure boot, update processes, and hardware root of trust implementations
- Review integration points between hardware and software for potential flaws
- Present findings to both technical and non-technical stakeholders.
Requirements
- 6–10 years of experience
- Extensive experience with threat modeling frameworks (STRIDE, TARA)
- Deep understanding of embedded system architectures (ARM/SoC, MCU)
- Expertise in secure boot and hardware root of trust evaluations
- Proficient in analyzing secure design and risk management methodologies
- Strong knowledge of compliance standards (RED, IEC 62443, ISO 27001)
- Ability to integrate architectural risk assessments with VAPT planning
- Skilled in attack surface analysis for complex embedded systems
- Experience with security assessment tools and architectural review platforms
- Excellent technical documentation and reporting skills
- Ability to mentor and guide engineering teams on secure design practices
- Strong analytical and problem-solving skills
- Proficient in developing detailed risk assessments and remediation plans
- Experience in reviewing hardware-software integration for security gaps
- Excellent communication skills for bridging technical and compliance teams
- Proactive in keeping current with emerging design vulnerabilities.
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Professional development opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
threat modeling frameworksSTRIDETARAembedded system architecturesARMSoCMCUsecure boothardware root of trustrisk management methodologies
Soft Skills
mentorshiptechnical guidanceanalytical skillsproblem-solving skillscommunication skills
Certifications
IEC 62443ISO 27001