Project Role : Security Engineer
Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills : Product Security
Good to have skills : NA
Minimum
5 year(s) of experience is required
Educational Qualification : 15 years full time education
Job Description: Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars security
We are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts.
Key responsibilities:
• Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.
• Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.
• Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.
• Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.
• Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.
• Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.
• Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.
• Perform hardware penetration testing to identify vulnerabilities in electronic systems.
• Assess the security of medical devices, ensuring compliance with industry regulations and standards.
• Identify and address security risks associated with healthcare information systems and connected medical instruments.
• Evaluate and prioritize security risks based on potential impact and likelihood.
• Provide recommendations and collaborate with cross-functional teams to implement effective security controls.
• Stay current with emerging security threats, vulnerabilities, and testing methodologies.
• Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.
• Document security testing processes, findings, and remediation recommendations.
• Generate comprehensive reports for stakeholders, including technical details and actionable insights.
Technical experience:
• Hands on experience with penetration testing tools and methodologies.
• Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.
• Knowledge of secure coding practices and the ability to review code for security vulnerabilities.
• Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.
• Experience with threat modeling and risk assessment frameworks.
• Familiarity with secure development practices for embedded systems.
• Understanding of regulatory requirements for medical device security.
• Strong understanding of networking protocols, encryption, and authentication mechanisms. Professional attributes:
• Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.
• Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.
• Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.
• Ability to manage multiple tasks and deadlines. Qualifications:
• Bachelor’s or master’s degree in engineering or computer science, Information Security, or a related field.
• Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP).15 years full time education
About Accenture
Accenture is a leading global professional services company that helps the world’s leading organizations build their digital core, optimize their operations, accelerate revenue growth and enhance services—creating tangible value at speed and scale. We are a talent- and innovation-led company with 774,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.Visit us atwww.accenture.com
Equal Employment Opportunity Statement
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
Accenture is committed to providing veteran employment opportunities to our service men and women.