Description
You will join a team responsible for security certification for Samsung mobile, IoT, and network devices. You will be working within an established team which specialises in the security of devices and solutions. You will be responsible for providing expertise in the area of security certifications to address both short and long term requirements of government customers across the globe.
As you will be working in a team, it is essential to have good inter-personal and communications skills. Role needs good understanding of Security Certification process including knowledge of the latest security technologies and processes. You will assist Samsung teams across the business units to understand underlying process and approach for certification.
Role and Responsibilities
Key Functions
The main tasks you are expected to perform include:
1.Follow processes involved in getting Samsung products and solutions certified for government agencies across the globe. Working with Government agencies and Advisory bodies to address overall local cyber security requirements and ensure that Samsung products and services are recognised as secure and maintain Samsung’s reputation as a trusted partner.
2.Liaise with internal stake holders including local subsidiary (B2B Sales and Tech Support teams) and Samsung R&D teams. In particular, keep up to date with government IT security requirements and work with Product Management and R&D teams to assist them with requirements and ensure the product roadmap has a consistent security strategy.
3.Understand Samsung’s security platforms, products and solutions including advance innovations - in Mobile, Wearable, IoT, Healthcare, Automobile, eID and Finance, enabling easier adoption and approval by the government IA teams and customers.
4.Create all necessary documents which describe the overall process and share with business stake holders.
5.Create necessary documents to describe issues encountered in an effective manner to get right support from development teams.
6.Understand detailed security requirements for device/function/equipment to be certified and prepare them to meet those requirements with the help of development team. Create necessary documents describing security of product/function/equipment.
7.Create overall plan to get certification, own and execute the plan.
8.Travel to attend meeting with certification bodies and customers.
9.Timely provision of written progress reports to your team leader.
All work is to be of a professional standard, paying due regard to safety, efficiency, cost effectiveness, time scales and the needs of the company.
Skills and Qualifications
Skills and Experience
Mandatory
1. A degree in Computing and Communications or any related discipline (an equivalent period of industrial experience may be substituted).
2. 3-6 years’ experience in Security Accreditation and Assurance activity including CC, FIPS, CPA, CSPN, BSPA etc.,
3. Able to create accreditation strategy, good understanding of security architecture, security evaluation, Threat and Risk assessment experience.
4. Knowledge of various device security attack vectors including Apps, Browser, connectivity, device management, networking, local storage etc.,
5. Necessary documentation skills required to create technical documents, process documents and day-to-day documents including PowerPoint’s.
6. A high degree of self motivation, and a proactive approach to problem resolution. A good level of inter-personal and communication skills.
7. Good analytical and logical thinking capability.
Desirable
Specialist degree in IT security is desirable. Mobile device and Network security certification experience is highly desirable. Have established contacts with certification bodies. Experienced candidate in following area may apply,
8. Knowledge and experience of developing container/sandboxing solutions including TrustZone, Linux Container, SE Android, etc.,
9. Experience with security sensitive solutions like, DRM, Mobile Payment/Banking and Secure communication.
10. Experience in real time embedded software development preferably for mobile devices with an understanding of the embedded development environments and associated development restrictions will be advantageous.
11. Mobile middleware/platform software development including significant experience of mobile security solution development with hands on experience of Linux mobile platforms.
Having knowledge of software design and development methodologies will be a plus point. Knowledge of C & C++ programming language (at least 3 years’ experience). This experience is necessary to understand existing code and write test code to verify security requirements. Able to write code to create test module to verify security requirements. Working experience within an organisation that develops real time embedded handset software. The desire and the ability to work within a team structure and to take responsibility for your own work.
Contract Type: Permanent
Job Location: Staines-upon-Thames, Surrey, UK
Hybrid Working: 3 days working from the office and 2 days working from home weekly.
Employee Benefits: Highly Competitive Salary, Car Allowance (grade dependant), Annual Performance Bonus up to 21.5%, Pension Scheme with company contribution up to 8.5%, Income Protection, Stocks & Shares ISA, Life Assurance, 25 days holiday (increasing to 30 with length of service). We also have a wide range of Flexible Benefits to choose from with Samsung providing an allowance of £600 per year to spend on them.
*