Cryptography Security Engineer / Analyst

Зарплата

от 150 000 ₽

Местоположение и тип занятости

МоскваПолный рабочий деньМожно удаленно

Компания

Mobile identity and private key storage solutions

Описание вакансии

Условия работы

We are looking for talented cryptography security engineer/analyst who will be responsible for implementing and secure cryptographic codes/algorithms in embedded products (ARM Cortex M-class architectures) which require high attack potential resistances against side-channel attacks.

Responsibilities:

One of the main design laws in cryptography is Kerckhoff's principle, which states that a cryptosystem should be secure even if everything about the system, except the key, become public knowledge e.g. known by an attacker. Having this in mind you will design and develop the cryptographic algorithms and corresponded countermeasures to protect it against side channel analysis. These algorithms need to be executed in the hardware environment so that keys stay safe.

Mandatory experience:

  • Familiarity with cryptographic theory and significant experience of cryptographic implementation in either hardware or/and software.
  • Familiarity with major symmetric and asymmetric algorithms e.g. AES, DES, RSA, ECC algorithms
  • A strong grounding in security concepts, including core cryptography, secure coding practices and principles of secret management.
  • A good understanding of PKI, X.509, key exchange protocols, and authentication protocols, including token-based authentication.

You must be familiar at least with one of the following attack techniques and corresponded countermeasures:

  • SPA/DPA - Power analysis (simple and/or statistical side channel analysis)
  • Retrieving keys with DFA
  • Profiling attacks, e.g. template attacks
  • Attacks on RNG

Desirable, but not mandatory:

  • White-box cryptography
  • Knowledge of the security principles embedded applications (e.g. contactless payment, electronic passports, secure access control)
  • Experience with development of the secure embedded operating systems that were security evaluated by the 3rd party laboratories.
  • A knowledge of relevant standards, trends and best practices in as many of the following fields (among others): semiconductors, testing, NFC, Bluetooth, cryptography, NIST, FIPS, FIDO, diversification schemes, security evaluation, secure microcontrollers, IoT, EMV, Global Platform.

Candidate for this position is required to have:

  • Ability to work effectively in the international team
  • Persistence to get the things done in the agile way, creativity, passion for learning

Programming languages:

  • Embedded C
  • Assembler

Бонусы

We offer:

  • Competitive salary
  • Flexible scheduling & remote acceptance
  • Modern and spacious offices located in the city center and green area of south-west
  • Bonuses according to results and deliverables