Wipro
Location
Bangalore | India
Job description
Position Overview: There is a surge of connected devices; which is pushing boundaries of traditional business model in every industry vertical. By virtue of technology advancements, the interaction between Human-to-Machine, Machine-to-Machine and Humanto-Human is opening new opportunities. This new wave of innovation is fueling the Industry-4.0, Smart Energy, Connected Auto and other initiatives. While connected devices brings huge opportunity, it also pushes relevance of Embedded Security to whole new level and demands the scalability of technology to meet billions of connected endpoints. Wipro is looking for experience professional who are passionate about security and have ability to transform the solution and technology strategy. As part of Product Security Engineering team, you will be engaging with wide spectrum of customers to help define, design, adopt and deploy the security technology/solutions enabling Trust and Secure-by-Design capability of connected ecosystem.
Responsibilities • Engage with customers to understand the business and functional use-cases of connected devices. • Evaluate the threat vectors w.r.t. device manufacturing and operational use-case environment. • Design security controls architecture and secure development life-cycle management artifacts as applicable to industry vertical and product. • Identify the use of open-source or partner technologies – conduct quick prototype and seek approval from customer for product implementation. • Work with engineering service delivery team to instrument the security controls as part of product development. • Identify the white space, where Wipro solution / IP can be introduced to create market differentiator and value for targeted customer base. • Support strategic alliances/partnership effort via value-proposition definition, prototype and internal engineering team training/readiness. Qualification Required • 10+ years of experience as security engineer/architect – must have worked with device manufacturer, SEMI/HiTech companies as part of engineering organization OR via service provider in similar capacity. • Extensive experience in o Device identity and integrity controls –On-Board/Off-Board key generation, secure boot, code sign, device life-cycle management (enrollment, provisioning, activation, suspend, revoke, re-provision/terminate) o Data and system security – application whitelisting, run-time system integrity check, anomaly detection, message signing, dynamic access control o Embedded system communication protocols – JTAG, UART, SPI, I2C, CAN • Extensive experience in crypto & PKI technology – Hash, Symmetric / Asymmetric encryption | OAEP, PSS | RSAX509, ECC | OCSP, CRL, EST, SCEP, TLS/DTLS, PKCS, PKIX-CMP, CP/CPS • Hands-on experience using hardware/software key-store such as – TPM/vTPM, TEE, SE, HCE, Whitebox crypto • Hands-on experience with MCU-8/16/32 bit with working knowledge of process and system isolation • Hands-on experience with UEFI firmware security best practice • Working knowledge of following will be added advantage: o Industry standards / certification: FIPS, IEC-62443, IEC-15408, ISO-26262 o Device security testing and verification Sensitivity: Internal & Restricted • Strong understanding of customer needs, competitive products and vendors, relevant technologies and trends, and industry standards. • Demonstrated experience in gathering and transforming business requirements into a comprehensive technology solution definition. • Strong team player – work with internal and external stakeholder to solve problems and actively incorporate input from various sources. • Excellent communication skills and collaborative working style. • Willing to travel • Bachelor’s degree in Engineering or related fieldJob tags
Salary
