Cybersecurity Engineer – Connected Appliances

UL Solutions · WorkFromHome, Lombardia, Italia · · 50€ - 70€

Descrizione dell'offerta

We are strengthening our expertise in cybersecurity for household appliances and electronic controls, and we are looking for a Cybersecurity Engineer to join our electrical controls team based in Carugate (Milan) and work on a hybrid basis .

Responsibilities
  • Evaluating and guiding the security of connected household appliances and automatic electrical controls in accordance with IEC 60335-1 Annex U, IEC 60730, and UL’s internal cybersecurity programs.
  • Supporting our clients in designing secure products by providing expert technical guidance, performing security assessments, and ensuring compliance with relevant cybersecurity and functional safety requirements.
  • Working at the intersection of product safety and cybersecurity, two domains that are increasingly converging in UL’s global testing and certification services.

Product Security Engineering

  • Define and assess cybersecurity architectures for embedded appliances and electronic controls evaluated against UL and IEC requirements.
  • Review and validate the use of cryptographic algorithms and secure protocols (AES-GCM/CCM, ECC P-256, RSA-2048+, HMAC, SHA-256).
  • Evaluate secure boot, firmware signing, measured boot, and rollback protection mechanisms as required by IEC 60335-1 Annex U.

Software Integrity & Secure Updates

  • Assess the robustness of firmware integrity validation, OTA update mechanisms, key provisioning, and secure lifecycle management.
  • Validate the use of secure elements, TrustZone-M, and hardware crypto accelerators.

Cybersecurity Testing & Compliance

  • Conduct cybersecurity evaluations aligned with UL’s cybersecurity frameworks, including UL 2900, UL IoT Security Rating, and IEC 62443 methodologies.
  • Execute hands‑on testing: secure communications validation, vulnerability scanning, protocol robustness, interface hardening, firmware extraction attempts (where applicable).
  • Prepare technical reports, findings, and documentation used for UL certification and client deliverables.

Client & Cross‑Functional Collaboration

  • Partner with internal UL teams (engineering, certification, operations, laboratory staff) to ensure a seamless assessment process.
  • Provide technical guidance to manufacturers regarding cybersecurity best practices, UL certification pathways, and product requirements.
  • Contribute to technical training for internal and external stakeholders.

Qualifications

  • Bachelor’s or Master’s degree in Cybersecurity, Computer Engineering, Electronics Engineering, Computer Science, or related field.
  • 3–5+ years of experience in embedded/IoT cybersecurity or security engineering.
  • Strong understanding of cryptography and secure communication (AES‑GCM/CCM, ECC/RSA, SHA‑256, HMAC, TLS/DTLS).
  • Practical experience with firmware security (secure boot, signing, OTA update flows).
  • Hands‑on experience with C/C++, embedded systems, and common IoT stacks.
  • Knowledge of security standards such as IEC 60335-1 Annex U, IEC 60730, UL 2900, IEC 62443, or NISTIR 8259.
  • Ability to write clear technical documentation and work with clients in a consultative manner.

Preferred Qualifications

  • Previous experience in a testing, certification, or conformity assessment environment.
  • Penetration testing experience on embedded/IoT targets.
  • Familiarity with secure provisioning and manufacturing key‑injection processes.
  • Experience with appliance communication ecosystems (Wi‑Fi, BLE, Zigbee, Thread, Matter).
  • Industry certifications (GICSP, Security+, CISSP, CSA, CEH, etc.).

#J-18808-Ljbffr
Candidati ora Torna all'elenco

Candidati o Torna Indietro

Candidati ora Torna all'elenco