Tata Elxsi offers comprehensive services in Media and Communications, including research, strategy, design, software development, validation, and deployment. With global presence and deep expertise, we specialize in 5G services, Edge computing, and connectivity solutions.

We are looking for an experienced Embedded Devices Security SME to lead the design, assessment, and implementation of cybersecurity controls across embedded platforms in automotive systems, medical devices, and connected TV/OTT ecosystems. The ideal candidate will collaborate with cross-functional teams to ensure end-to-end device security across software and hardware lifecycles.

Key Responsibilities:

• Conduct security architecture reviews and threat modeling for embedded device platforms (RTOS, Linux, Android, QNX).
• Perform vulnerability assessments, firmware analysis, and penetration testing for automotive ECUs, medical IoT devices, and OTT devices.
• Guide to implementation of secure boot, firmware encryption, key management, and secure update (OTA) mechanisms.
• Integrate and evaluate hardware security modules (HSM, TPM, SE) and trusted execution environments (TEE).
• Define and enforce secure coding practices (C/C++/Python) as per MISRA and CERT guidelines.
• Lead compliance activities aligned with ISO 21434, FDA Cybersecurity Guidance, and OWASP IoT standards.
• Conduct SAST, DAST, and SCA for embedded code and third-party software, managing vulnerabilities throughout the product lifecycle.
• Support cybersecurity documentation, SBOM generation, and vulnerability disclosure processes.
• Analyze risks in connected interfaces (CAN, BLE, Wi-Fi, Ethernet, USB, HDMI, etc.) and define mitigations.
• Mentor engineers and drive secure design practices across product teams.

Required Skills & Competencies:

• Strong understanding of embedded Linux/RTOS internals, bootloaders, and kernel-level security.
• Hands-on experience with IDA Pro, Ghidra, Binary Ninja, Wireshark, and firmware extraction tools (JTAG, UART).
• Knowledge of cryptography, PKI, and key provisioning.
• Familiarity with secure communication protocols (TLS, DTLS, MQTT, CAN-FD).
• Experience in fuzz testing, binary analysis, and reverse engineering.
• Proficient in threat modeling (STRIDE, Attack Tree, STPA-Sec).
• Understanding automotive diagnostics (UDS, OBD-II) and medical communication protocols.
• Exposure to SBOM and vulnerability management tools.
• Excellent communication and documentation skills.

Education:

• Bachelor’s or Master’s in Computer Science, Electronics, or Embedded Systems.
• Preferred Certifications: CISSP, CEH, Automotive SPICE, ISO 21434 Practitioner, or equivalent.