Security Analyst - Software
Delft, The Netherlands
Do you like analysing complex security issues?
You just found a job description for the challenging role of security analyst with a focus on software security! Riscure is a young, ambitious organization specializing in embedded security testing for leading international clients from the semiconductor, payment, Pay TV, mobile and smart metering industry. In addition, Riscure is the leading vendor of specialist security testing products. Our main office in the Netherlands has been around since 2001, but our satellite offices still have a start-up feel to it. We have engaging projects, an open office environment, and we’re are looking for self-motivated individuals who would like to carve out their niche in our growing company. If you have experience in using the following variety of techniques then you might be the match for us: source code review, software reverse engineering and exploitation.
What does a day at Riscure look like?
- We evaluate the security of products that use embedded and smart card technologies, usually in teams of 2-4 security analysts. The main activities of the evaluation process include analyzing threats and weaknesses by taking apart a device’s specifications, code or hardware, and then developing the necessary tools to attack the security. Results of this go into a report, and we give recommendations for solving these problems.
- In addition to evaluation work we carry out other projects, including consultancy work, research, tool development, and training. As a state-of-the-art lab, our internal research and development process is a necessity to remain competitive. We record the knowledge we gain during our projects in the Riscure knowledge database to ensure it is preserved and shared within Riscure.
- We mainly work at our office in Delft. Parts of a project may require working at the customer’s premises. Depending on the type of assignment and your level of experience you are in regular contact with a customer’s technical liaison during a project. All communications with our customers are in English.
What skills should I have to be able to join?
- You have successfully completed an academic course in Information Technology or Electrical Engineering.
- You have 1 to 5 year’s work experience:
- You have a good understanding of low-level computer architecture and security concepts.
- You have experience with ARM assembly and the programming languages C/C++, and Java.
- You are comfortable with reviewing large codebases.
- You have experience with mobile security for iOS or Android. It would be a bonus when you have experience with developing mobile applications .
- You have experience with reverse engineering of binary code.
- You have experience with exploitation of software vulnerabilities.
- You have a creative mind with an eye for detail, and you like to make sure we use the right methods and equipment to detect security issues.
- You have a good command of the English language, both verbally and written.
- You have good social skills and you are a pleasant co-worker who likes to collaborate in a multidisciplinary team of security specialists.
- You are flexible, and you enjoy travelling to customers in Europe, North America, or Asia every now and then.
Ok, so what does Riscure offer me?
- Most of our customers are large, international organizations based in North America, Europe, and Asia. It is very important for us to be able to provide these customers with high-quality, professional services. In our daily work this entails rating content over appearances, and creating an open and sincere work environment with ample room for fresh ideas.
- At Riscure you work together with people who are passionate about their job. Each of them is eager to learn and willing to share knowledge. You form part of a small, highly specialised company with an informal working environment, ensuring that your work is varied and that you have direct contact with every layer within the organisation.
- In addition to attractive terms of employment, you will be given the chance of letting your own responsibility and personal development grow with the organisation.
I want in
Send your resume and motivation letter to firstname.lastname@example.org. If you have any hardware project, source code, academic thesis, whitepaper, or anything else that is relevant and that you’re proud of, don’t hesitate add a link to it as well.
We are an equal opportunity employer, and do not discriminate based of race, nationality, gender identity, sexual orientation, disability status, veteran status, age, or any other legally applicable characteristics. Being a diverse, multi-national company is one of the things that makes us strong, and we don’t intend to change any time soon.