To use our site, you agree to the use of cookies and data processing according to our privacy statement.
Close
Search

Technical Evaluation Lead Hardware

You just found a job description for the challenging role of security analyst with a focus on hardware security! We are looking for a security professional with experience in Smart Cards, Secure Elements and other Embedded devices, proficient in using side channel analysis, fault injection and physical manipulation. Do you have at least 4 years of experience in evaluating Smart Cards, Secure Elements or other Embedded devices, using side channel analysis, fault injection and physical manipulation, then this is the job for you.

Riscure is a young, ambitious organization specializing in embedded security testing for leading international clients from the semiconductor, payment, Pay TV, mobile and smart metering industry. In addition, Riscure is the leading vendor of specialist security testing products. Our headquarter office in the Netherlands has been around since 2001, but our satellite offices still have a start-up feel to it. We have engaging projects, an open office environment, and we’re looking for self-motivated individuals who are looking to carve out their niche in our growing company. Are you the person with a focus on complex evaluation, ready to work with clients from all over the world, in our young, open and transparent work environment with ample room for fresh ideas?

We are also looking for analysts focused on software security and Crypto, you can find these vacancies here: vacancy for Technical Lead Software and top vacancy for SA Crypto.

What does a day at Riscure look like?

We evaluate the security of products that use Embedded and Smart Card technologies, usually in teams of 2-4 security analysts. The main activities of the evaluation process include analysing threats and weaknesses by taking apart a device’s specifications, code or hardware, and then developing the necessary tools to attack the security. Results of this go into a report, and we give recommendations for solving these problems.

In addition to evaluation work we carry out other projects, including consultancy work, research, tool development, and training. As a state-of-the-art lab, our internal research and development process is a necessity to remain competitive. We record the knowledge we gain during our projects in the Riscure knowledge database to ensure it is preserved and shared within Riscure.

We mainly work at our office in Delft. Parts of a project may require working at the customer’s premises. Depending on the type of assignment and your level of experience, you are in regular contact with a customer’s technical liaison during a project. All communications with our customers are in English.

What skills should I have to be able to join?

  • You have successfully completed an academic course in Information Technology or Electrical Engineering.
  • You have at least 4 year’s work experience in:
    • Security evaluations on Smart Card products, Secure Elements (SE) and other embedded devices like System-on-Chips (SoC), where test methods such as Fault Injection, Side Channel Analysis, physical manipulation, etc. are applied.
    • the major security evaluation schemes like Common Criteria, EMVCo or Global Platform
    • performing site audits of development and production sites of our customers
    • being responsible for the technical quality of evaluation projects. Ideally you are used to steer a team of analysts during evaluation activities
    • supporting project management in coordinating complex evaluation projects under the given timelines and budgets
    • supporting sales managers in scoping and acquisition of new projects
    • being the technical interface to various ITSEFs and certification schemes
    • studying new market trends and developing innovative security evaluation methodologies for emerging technologies
  • You have a creative mind with an eye for detail, and the ambition to drive security forward.
  • You have an excellent command of the English language, both verbal and written.
  • You have good social skills and you are a pleasant co-worker who likes to collaborate in a multidisciplinary team of security specialists.
  • You are flexible, and you enjoy travelling to customers in Europe, North America, or Asia every now and then.

Ok, so what does Riscure offer me?

Most of our customers are large, international organizations based in North America, Europe, and Asia. It is very important for us to be able to provide these customers with high-quality, professional services. In our daily work this entails rating content over appearances, and creating an open and sincere work environment with ample room for fresh ideas.

At Riscure you work together with people who are passionate about their job. Each of them is eager to learn and willing to share knowledge. You form part of a small, highly specialized company with an informal working environment, ensuring that your work is varied and that you have direct contact with every layer within the organization.

In addition to attractive terms of employment, you will be given the chance of letting your own responsibility and personal development grow with the organization.

I want in

For more information, contact our HR department at +31 (0)15 2514 090. Would you prefer to apply directly? Send your CV and motivation letter to recruitment@riscure.com. If you have any hardware project, source code, academic thesis, whitepaper, or anything else that is relevant and that you’re proud of, don’t hesitate add a link to it as well.

Only applications including a motivation letter will be considered. Reference checking, a background screening and technical/personal assessment may be part of the application procedure.

We are an equal opportunity employer, and do not discriminate based of race, nationality, gender identity, sexual orientation, disability status, veteran status, age, or any other legally applicable characteristics. Being a diverse, multi-national company is one of the things that makes us strong, and we don’t intend to change any time soon.

[Acquisition by agencies is not appreciated.]