Posted 29 days ago by

SOFTWARE SECURITY ARCHITECT

San Jose, CA, United States
Employment: Full Time Experience: Senior, Mid-Level
TOGETHER WE PROTECT AND SECURE WHAT MATTERS MOST TO ORGANIZATIONS & ENTERPRISES

Have you ever wondered what it takes to provide comprehensive cybersecurity to the world’s largest, and most demanding organizations? Thales is a global leader in data protection and cybersecurity. We provide solutions for defense, critical infrastructure and telecommunication operators, industrial and financial companies. We provide best in class security practices in consulting, professional services, design, implementation and other security services, as well as managed security services based on our network of Security Operation Centers in France, the UK and Netherlands.

We are currently looking for a Security Engineer/Architect to who can help us secure our next generation of security products.

Our Security Engineers are part of a global team supporting development as subject matter experts in topics such as security architecture, secure coding, cryptography, vulnerability assessment, and security certifications. They collaborate directly with the teams to not only assist in product security, but also to educate and elevate the security maturity of the teams in a manner that will scale.

Security Engineers are involved in every aspect of product development, from "cradle-to-grave" and working at Thales e-Security affords you the opportunity to be involved and influence every stage of the secure product life-cycle.

Key Responsibilities:
As the security authority on product developments, you will assume an active role in all aspects of the definition, development, deployment, and maintenance of our current, and next generation products:
  • You will be embedded amongst software, hardware, and certification engineers to scope, architect, design, and evaluate the security of our products.
  • Pragmatically balance security, performance, and compliance to ensure that products are not just secure, but usable for real world use cases.
  • Stay abreast of the evolving threat landscape; investigate, prototype, and test mitigations that defend against current and new attack techniques.
  • Champion security within the development teams to help them make their implementations more secure.
As a member of the global Security Office team:
  • Act as a security subject matter authority on projects and initiatives;
  • Explore security topics that interest you and develop your skills in those areas;
  • Advocate and help implement security practices across all domains within Thales e-Security.


Skills and Experience:
  1. A demonstrated track record of building things, but also a curiosity for the many interesting ways in which things can break:
  • A desire for learning and understanding the security discipline;
  • Professional experience building products in at least one high-level language;
  • Knowledge of how to read (and break) code in languages such as C, C++, or Java.
  1. Understanding of how cryptography is correctly applied in products and protocols to provide capabilities such as authentication, privacy, and integrity.
  2. Been involved in solving challenging security problems using knowledge and/or skills in one, or more, of the following areas:
  • Cryptography & Secure Protocols;
  • Threat Modeling;
  • Vulnerability Assessments/Penetration Testing;
  • Static/Dynamic Code Analysis & Code Reviews;
  • Vulnerability Management;
  • Secure Development Lifecycles.
  1. Proficient oral and written communications skills.
  2. Collaborated well in a team environment, were sensitive to needs of the teams, and effectively developed relationships across disciplines.
  3. Smart, curiosity, humility, and equal willingness to both learn and teach.
Preferred Skills and Experience:
  1. Experience with security certification standards, such as FIPS 140-2, Common Criteria, or PCI.
  2. Utilized software and firmware fuzzing tools to identify security flaws in products.
  3. Practical experience with web application security technologies, mitigation techniques, and potential pitfalls.
  4. Experience with virtualization and sandboxing technologies such as VMWare, Xen, Linux Containers (LxC), or VirtualBox.
  5. Understanding or experience with hardware attack techniques such as physical tampering, counterfeiting, side-channel attacks, or glitching.
Educational Requirements:

Bachelor’s degree in a technical subject (e.g., Computer Science, Mathematics, or Engineering) Master’s degree a plus

Are you ready to be part a part of something big? If your skills, experience and attitude are a match and you’re looking for an exciting challenge, please apply now using the link below and we will be in touch.

Thales champions inclusion and we believe diversity strengthens the fabric of our culture.
We are an Equal Opportunity Employer/AA/Minorities/Females/Veterans/Disabled.

The PowerToFly Mission

We're passionate about connecting highly skilled women with leading companies committed to diversity and inclusion.

Are you looking for your dream job? In Office. Flexible. Remote.

Join our Movement

Are you hiring? Join our platform for diversifying your team

Post a job