Senior Engineer - Embedded Security

External Job Description

About KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses. As part of the Space & Cyber Technologies cluster at EDGE, one of the world’s leading advanced technology groups, KATIM delivers trust in a world where cyber risks are a constant threat, and fulfils the increasing demand for advanced cyber capabilities by delivering robust, secure, end-to-end solutions centered on four core business units: Networks, Ultra Secure Mobile Devices, Applications, and Satellite Communications. Our talented team of cross functional experts continually takes-on new challenges. We work with the energy of a start-up yet the discipline of a large business to make solutions and products work for our customers at scale.

Key Responsibilities

•    Develop and implement Secure Boot mechanisms (e.g: Intel, Layerscape and Zynq PS platforms). Keywords (for AI tool not JD): verified boot, measured boot, chain of trust, root of trust, ROM fuse.                                 
•    Design disk encryption/decryption solutions using industry-standard cryptographic libraries (OpenSSL, WolfSSL, etc.)  Keywords (for AI tool not JD):e.g of technologies used for desk encryption, Device Mapper (feature of linux kernal) DM-Crypt, DM-Verify, LUKS.    
•    Integrate hardware security features such as TrustZone, TPM, HSMs, and secure key storage.  Keywords (for AI tool not JD): PKCS#11, PKCS#12, TrustZone, TPM, HSM, Secure Elments,                                 
•    Design and implement a Key Management System (KMS) for secure key generation, distribution, and storage  Keywords (for AI tool not JD): HSMs, Crypto Store        
•    Develop key loading mechanisms, including secure bootstrapping, provisioning, and over-the-air (OTA) updates . Keywords (for AI tool not JD):
•    Implement end-to-end encryption and authentication for secure key exchange (needed for all related to encryption, the radio the modem will need it and also the KFD - KMS) Keywords (for AI tool not JD): ECIES , ECDH, AEAD (authenticated encryption with additional data)                                 
•    Architect and implement secure firmware/SW updte mechanism (requirments for the mechanisums include: authenticity verification, signed firmware updates, rollback protection )  Keywords (for AI tool not JD): authenticity verification, signed firmware updates, rollback protection. TOCTOU (time of check/time of use), SVN
•    Develop secure communication protocols for embedded systems, ensuring end-to-end encryption and authentication (e.g: Implement IPSec, TLS, and other network security protocols for secure data transmission). Keywords (for AI tool not JD): IPSec, TLS, VPN, MacSec                                
•    Define and implement measures for tamper detection and protection  - (Niche) Keywords (for AI tool not JD): (e.s of standards: FIPS 140-2, FIPS 140-3 , zeroization, tamper•    Work on air-gapped environments and security measures for high-assurance systems  Keywords (for AI tool not JD): air-gapped    

Education and Minimum Qualification

• BSc/MSc, Computer Science or Electrical/Computer Engineering, or a related field
• 7 years’ experience in a similar role

Key Skills

•    Strong problem-solving abilities and attention to detail                                
•    Excellent communication and teamwork skills, with the ability to work in a cross-disciplinary team            
•    Ability to prioritize and manage multiple tasks effectively in a fast-paced environment

#KATIM