Keysight is on the forefront of technology innovation, delivering breakthroughs and trusted insights in electronic design, simulation, prototyping, test, manufacturing, and optimization. Our ~15,000 employees create world‑class solutions in communications, 5G, automotive, energy, quantum, aerospace, defense, and semiconductor markets for customers in over 100 countries. Learn more about what we do.
Our award‑winning culture embraces a bold vision of where technology can take us and a passion for tackling challenging problems with industry‑first solutions. We believe that when people feel a sense of belonging, they can be more creative, innovative, and thrive at all points in their careers.
Responsibilities- Perform code reviews and structured vulnerability analyses in accordance with formal security certification requirements (e.g., EMVCo, Common Criteria, SESIP, GlobalPlatform).
- Provide guidance and mentoring to junior colleagues by reviewing their analysis results and offering coaching rooted in certification scheme expectations.
- Maintain and share up-to-date knowledge on certification scheme developments, vulnerability classes, and evaluation methodologies relevant to the secure product certification domain.
- Translate vulnerability analysis findings into clear and actionable input for the security testing team, aligning results with applicable scheme thresholds and evaluation metrics.
- Lead the technical aspects of evaluation projects by coordinating with the project manager and evaluation lead to ensure compliance, technical rigor, and timely delivery.
- Act as the primary technical contact point for customers, certification bodies, and other ITSEFs, ensuring clear communication and alignment with scheme‑specific technical expectations.
- Academic background (BSc/MSc) in Information Technology, Electrical Engineering, Cybersecurity, or a closely related field.
- Minimum of 4 years of experience in the security evaluation domain, specifically:
- Proven proficiency in at least two of the following: C, C++, Java Card, Assembly.
- Experience with secure embedded systems, such as Smart Cards, Secure Elements, System‑on‑Chips (SoCs), or Trusted Execution Environments.
- Practical experience with vulnerability classes and test methods relevant to certification schemes: logical attacks, fault injection, and side‑channel analysis.
- Direct involvement in evaluation projects conducted under Common Criteria (EAL4+ or higher), EMVCo, SESIP, or GlobalPlatform schemes.
- Familiarity with evaluation frameworks, such as Protection Profiles, Security Targets, Evaluation Reports, and Scheme‑specific interpretations (e.g., JIL, EMVCo Guidelines).
- Experience in software development or certification‑oriented testing for embedded platforms, with a focus on compliance and assurance rather than exploratory research.
- Specific knowledge of Java Card technology is highly valued:
- Java Card Virtual Machine and Runtime Environment.
- Java Card APIs and usage within secure environments.
- Familiarity with Java Card Protection Profiles (Open and Closed Configurations).
- Advantageous: knowledge of payment product certification, including understanding of compliance deadlines, scheme constraints, and product lifecycle.
- Strong analytical skills, attention to detail, and a methodical approach aligned with assurance evidence generation.
- Excellent interpersonal and communication skills; thrives in team environments with diverse stakeholders (technical teams, evaluators, and customers).
- Willingness to occasionally travel to clients or certification bodies in Europe, North America, or Asia.
Salarisomschrijving
€60000 - €80000 monthly