Senior Expert, Embedded Software Security & Security Architectures

OUR STORY

At STMicroelectronics, we believe in the power of technology to drive innovation and make a positive impact on people, businesses, and society. As a global semiconductor company, our advanced technologies and chips form the hidden foundation of the world we live in today.

When you join ST, you will be part of a global business with more than 115 nationalities, present in 40 countries, and comprising over 50,000 diverse and dedicated creators and makers of technology around the world.

Developing technologies takes more than talent: it takes amazing people who understand collaboration and respect. People with passion and the desire to disrupt the status quo, drive innovation, and unlock their own potential.

Embark on a journey with us, where you can innovate for a future that we want to make smarter and greener, in a responsible and sustainable way. Our technology starts with you.

YOUR ROLE

We are seeking a Senior Expert in Embedded Software Security and Security Architectures to define, oversee, and strengthen all software security development activities for the RFOC subgroup products across automotive and non-automotive markets .

This role is responsible for leading security-by-design practices throughout the software lifecycle, from requirements definition through design, implementation, integration, validation, and release support. The ideal candidate combines deep expertise in embedded software development, cybersecurity standards, secure coding, and security architecture, with the ability to guide engineering teams and collaborate effectively with quality, project management, and product stakeholders.

The position requires a strong background in automotive quality processes such as ASPICE , knowledge of ISO/SAE 21434 and cybersecurity requirements for automotive products as well as Common Criteria and SESIP for IT and IoT applications. It has to support internal and external audits related to security, quality, and process compliance. Prepare and provide evidence, documentation, and technical justification during reviews and audits. It is key the ability to operate effectively in complex, fast-paced, and demanding development environments.

• Security Leadership and Architecture
  
  

Define and supervise the software security strategy for RFOC subgroup products. Lead the design of secure embedded software architectures for automotive and non-automotive applications. Establish security requirements, security controls, and architectural principles aligned with product and market needs. Review and approve security-related design decisions, ensuring compliance with internal standards and external regulations. Support threat analysis, risk assessment, and security concept activities for embedded systems. End-to-End Security Development Oversigh

• Drive software security activities across the full development lifecycle:
  
  

Requirements management, architecture and detailed design, implementation, integration, verification and testing. Ensure security features are implemented consistently and robustly across software components. Guide engineering teams in adopting secure development practices and maintaining traceability from security requirements to validation evidence.

• Secure Coding and Secure Development Practices
  
  

Promote and enforce secure coding practices across embedded software teams. Perform or lead secure code reviews, vulnerability assessments, and remediation planning. Define security development guidelines, coding rules, and defensive programming practices. Contribute to the analysis and mitigation of software vulnerabilities and security weaknesses.

• Team Guidance and Cross-Functional Collaboration
  
  

Work closely with software engineering teams to drive execution and quality across security-related activities. Provide technical leadership and coaching to engineers involved in security requirements, design, implementation, integration, and testing. Collaborate with project management, quality assurance, product management, system engineering, and other stakeholders. Help teams make practical, risk-based decisions when ideal solutions are constrained by technical, timing, cost, or program realities.

• Program Execution in Complex Environments
  
  

Adapt to changing priorities, evolving planning, and shifting technical constraints. Sustain performance during workload peaks and operate effectively under pressure in large and challenging projects. Manage trade-offs and compromises when the optimal path is not feasible, while preserving security integrity as much as possible. Support issue resolution and escalation management for security-related risks and execution blockers.

• Innovation and Continuous Improvement
  
  

Stay current with emerging trends in embedded security, automotive cybersecurity, and secure development methodologies. Champion innovation in development workflows, including the use of AI-driven tools and methodologies to improve productivity, quality, and efficiency. Identify opportunities to simplify processes, automate repetitive tasks, and improve the effectiveness of security engineering practices. Contribute to continuous improvement of tools, methods, templates, and best practices.

Experience

YOUR SKILLS & EXPERIENCES

• Extensive experience in embedded software design and development.
• Proven experience in software security, security architecture, or cybersecurity engineering for embedded products.
• Experience working in automotive development environments and applying ASPICE-based processes.
• Hands-on knowledge of ISO/SAE 21434, automotive cybersecurity engineering practices, Common Criteria and SESIP.
• Demonstrated experience with secure coding, code review, and security vulnerability mitigation.
• Experience supporting technical audits, quality reviews, and customer-facing security assessments.
  
  

Technical Skills

• Strong understanding of embedded software architecture, real-time constraints, and system integration.
• Solid knowledge of software security concepts, including:
• secure boot and trust chains
• authentication and authorization
• cryptography fundamentals and secure key handling
• firmware integrity protection
• secure update mechanisms
• attack surface reduction
• secure communication principles
• Understanding of testing and validation approaches for security functions.
• Familiarity with security analysis techniques such as threat modeling and risk assessment.
  

Behavioral And Leadership Skills

• Strong ability to work collaboratively in a multidisciplinary team.
• Capable of influencing and guiding engineering teams without necessarily having direct line management authority.
• Excellent communication skills, with the ability to explain complex security topics clearly to technical and non-technical audiences.
• High adaptability and resilience in dynamic project environments.
• Strong sense of ownership, accountability, and initiative.
• Open-minded, innovation-oriented, and comfortable using modern tools and AI-assisted methodologies.
  
  

MDRF perimeter only.

ST is proud to be one of the 17 companies certified as a 2025 Global Top Employer and the first and only semiconductor company to achieve this distinction. ST was recognized in this ranking thanks to its continuous improvement approach and stands out particularly in the areas of ethics & integrity, purpose & values, organization & change, business strategy, and performance.

At ST, we endeavor to foster a diverse and inclusive workplace, and we do not tolerate discrimination. We aim to recruit and retain a diverse workforce that reflects the societies around us. We strive for equity in career development, career opportunities, and equal remuneration. We encourage candidates who may not meet every single requirement to apply, as we appreciate diverse perspectives and provide opportunities for growth and learning. Diversity, equity, and inclusion (DEI) is woven into our company culture.

To discover more, visit st.com/careers.