Staff Security Engineer

Responsibilities

• The Staff Security Engineer primary job responsibilities include:
• Perform IoT penetration testing, including firmware extraction, reverse engineering, and vulnerability discovery
• Perform security research, analysis, and testing via threat modeling, vulnerability assessment, penetration testing, and/or social engineering across a wide variety of applications, platforms and systems
• Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and application
• Oversee and manage the deployment, integration, and configuration of security solutions and enhancements to existing IoT infrastructure and the enterprise's security documents
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall IoT enterprise security
• Clearly outline and document risk impacts of test findings in reports
• Test, triage, and drive remediation of security issues reported by external parties
• Actively partner with infrastructure, application, product, and other stakeholders to ensure deployed solutions minimize security and privacy risks
• Other duties as assigned

Requirements

• B.A. or B.S. (or higher) in Computer Science, Electrical Engineering, or a related engineering program with strong academic performance preferred
• 10+ years of information security experience, with a strong focus on offensive security, penetration testing, or vulnerability research
• Prior experience performing security testing and assessment in IoT, embedded, or firmware based environments
• Working knowledge of embedded system design and constraints (development experience a plus, but not required)
• Familiarity with using hardware debugging equipment such as oscilloscopes, logic analyzer and other tools
• Familiarity with interface protocols such as UART, I 2 C, SPI, JTAG, and related tooling.
• Experience analyzing embedded Linux systems and firmware images.
• Familiarity with ARM CPU architectures with exposure to x86, RISC-V, or others as a plus
• Experience with reverse-engineering tools such as IDA Pro, Ghidra, and/or Binary Ninja
• Certification in one or more Information Security disciplines is preferred or ability to obtain certifications.
• Self-starter, analytical, tenacious problem solver
• Strong verbal and written communication skills for a highly collaborative environment
• Rigorous attention to detail and focus on quality of deliverables
• Proven team experience and comfort in a team-oriented environment
• Passion for working with technology and excitement for creating high quality consumer technology product
• If you feel like you don't meet all the requirements for this role, we encourage you to apply. We don't want a few of them to get in the way of meeting a great candidate like you!
• Please note that sponsorship of new applicants for employment authorization, or any other immigration-related support, is not available for this position at this time.
• WHY WORK FOR ALARM.COM ?
• Collaborate with outstanding people: We hire only the best. Our standards are high and our employees enjoy working alongside other high achievers.
• Make an immediate impact: New employees can expect to be given real responsibility for bringing new technologies to the marketplace. You are empowered to perform as soon as you join the Alarm.com team!
• Gain well rounded experience: Alarm.com offers a diverse and dynamic environment where you will get the chance to work directly with executives and develop expertise across multiple areas of the business.
• Community and Camaraderie: One of our core values is to 'Keep It Fun,' which to us means fostering a strong sense of community. Our culture is built on collaboration and connection, where we celebrate our successes and believe that a positive, engaging environment is key to doing our best work.
• Alarm.com values working together and collaborating in person. Our employees work from the office 4 days a week .
• COMPANY INFO

Additional Information

The Staff Security Engineer will identify security risks within our IoT device ecosystem, communicate those risks to management, and assist with the mitigation efforts. This role requires hands-on experience with reverse engineering, networking, operating systems, and programming. The ideal engineer will bring these skills to bear on complex IoT security challenges. The Senior Security Engineer will also document security policies and procedures and ensure they remain up to date with applicable industry standards and compliance requirements.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at alarmcom? Share your experience