Senior Engineer - Embedded Security

External Job Description

About KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses. As part of the Space & Cyber Technologies cluster at EDGE, one of the world’s leading advanced technology groups, KATIM delivers trust in a world where cyber risks are a constant threat, and fulfils the increasing demand for advanced cyber capabilities by delivering robust, secure, end-to-end solutions centered on four core business units: Networks, Ultra Secure Mobile Devices, Applications, and Satellite Communications. Our talented team of cross functional experts continually takes-on new challenges. We work with the energy of a start-up yet the discipline of a large business to make solutions and products work for our customers at scale.

Key Responsibilities

• Develop and implement Secure Boot mechanisms (e.g: Intel, Layerscape and Zynq PS platforms). Keywords (for AI tool not JD): verified boot, measured boot, chain of trust, root of trust, ROM fuse.
• Design disk encryption/decryption solutions using industry-standard cryptographic libraries (OpenSSL, WolfSSL, etc.) Keywords (for AI tool not JD):e.g of technologies used for desk encryption, Device Mapper (feature of linux kernal) DM-Crypt, DM-Verify, LUKS.
• Integrate hardware security features such as TrustZone, TPM, HSMs, and secure key storage. Keywords (for AI tool not JD): PKCS#11, PKCS#12, TrustZone, TPM, HSM, Secure Elments,
• Design and implement a Key Management System (KMS) for secure key generation, distribution, and storage Keywords (for AI tool not JD): HSMs, Crypto Store
• Develop key loading mechanisms, including secure bootstrapping, provisioning, and over-the-air (OTA) updates . Keywords (for AI tool not JD):
• Implement end-to-end encryption and authentication for secure key exchange (needed for all related to encryption, the radio the modem will need it and also the KFD - KMS) Keywords (for AI tool not JD): ECIES , ECDH, AEAD (authenticated encryption with additional data)
• Architect and implement secure firmware/SW updte mechanism (requirments for the mechanisums include: authenticity verification, signed firmware updates, rollback protection ) Keywords (for AI tool not JD): authenticity verification, signed firmware updates, rollback protection. TOCTOU (time of check/time of use), SVN
• Develop secure communication protocols for embedded systems, ensuring end-to-end encryption and authentication (e.g: Implement IPSec, TLS, and other network security protocols for secure data transmission). Keywords (for AI tool not JD): IPSec, TLS, VPN, MacSec
• Define and implement measures for tamper detection and protection - (Niche) Keywords (for AI tool not JD): (e.s of standards: FIPS 140-2, FIPS 140-3 , zeroization, tamper
• Work on air-gapped environments and security measures for high-assurance systems Keywords (for AI tool not JD): air-gapped
  
  

Education and Minimum Qualification

• BSc/MSc, Computer Science or Electrical/Computer Engineering, or a related field
• 7 years’ experience in a similar role
  
  

Key Skills

• Strong problem-solving abilities and attention to detail
• Excellent communication and teamwork skills, with the ability to work in a cross-disciplinary team
• Ability to prioritize and manage multiple tasks effectively in a fast-paced environment
  
  

#KATIM