About the role DroneShield is seeking a Senior Hardware and Embedded Security Engineer with relevant experience to join the team in Sydney, NSW. The Security team is a nimble team responsible for protecting DroneShield's assets and users. Our adversaries are sophisticated and use state-of-the-art tooling. To protect DroneShield, we need to focus on the biggest risks, eliminate threats, focus on automation to scale our efforts and continually increase the cost for the attackers. This role will work closely with Embedded Hardware and Software engineers, Product and System Engineers. It will impact all aspects of the development life cycle for embedded products from requirements, design, development to assessments and review. Key responsibilities include conducting sophisticated security assessments at hardware, firmware and application layer. Championing secure development practices by creating tooling and engineering pathways that increase velocity. Review new Products and features during a project's lifecycle. Design security features required to support the threat model for our Products. The ideal candidate should have demonstrated experience in hardware and embedded security in high-stakes environments, and deep technical expertise in computer architecture, microcontrollers and embedded systems. They should also have knowledge of common hardware attacks and defence mechanisms. This position offers the opportunity to contribute to the security of hardware Products with complex threat models. Responsibilities, Duties and Expectations Continually improve the level of security assurance we provide to our Products Ensure the Products and Software meet high security, privacy, and compliance standards Conduct sophisticated targeted and end to end security assessments Support developer productivity by prioritising developer tooling that reduces Toil and improves Developer Experience Promote continuous learning and improvement within the team Manage multiple concurrent projects and solve cross-product problems Establish partnerships and champion quality throughout the Embedded teams Qualifications, Experience and Skills BS degree in Computer Science, Mechatronics Engineer or similar technical field of study or equivalent practical experience. Demonstrated experience working in prior Hardware security roles Minimum 8 years’ experience in related roles. Roles could include: Security Engineer Reverse Engineer Embedded Engineer Knowledge of the following would also be essential: Knowledge of cryptographic protocols and their implementation in hardware Familiarity with side-channel attacks and countermeasures Understanding of secure boot processes and trusted execution environments Proficiency in using hardware hacking tools (e.g., JTAG debuggers, chip programmers). Knowledge of IoT security principles and common vulnerabilities. Knowledge of secure hardware design principles. Experience with firmware analysis and modification Comfortable on the command line in a Linux first environment Application Security Reviews, RestFul/RPC APIs and Threat Modelling Proficiency with Python, Go and can peer review code / implementation / automation scripts Knowledge of the following would also be desirable: Experience with embedded C and C++ Experience with bootloaders development Strong problem-solving and analytical skills. Ability to think creatively to identify potential security vulnerabilities. Excellent communication skills to explain complex technical concepts. Familiarity with relevant industry standards (e.g., Common Criteria, FIPS 140-3, NIST, DISA STIG). Experience with penetration testing methodologies applied to hardware. Familiarity with supply chain security concepts Software Defined Radio Note for recruitment agencies: We do not accept unsolicited candidates from external recruiters unless specifically instructed.
