Product Security Test Engineer – China Market
Philips View all jobs
- Shanghai
- Permanent
- Full-time
Key tasks are to assure security robustness, by conducting efficient and effective security assessments on products / services / systems to ensure robustness w.r.t the security features. The security assessor is a subject matter expert who identifies and helps resolve security issues, and also supports soldering work for hardware product security tests. The position reports to Director Product Security China, and dot-line functionally report to Indian SCoE manager.You're the right fit if:3+ years of progressive experience in security domain with expertise in any one or more of the following areas:AI Security testingIoT Security testingBluetooth/Zigbee/Wi-Fi security testingMobile application hackingWeb application / Web Services security testingInfrastructure security testingCloud security assessmentsAutomation and integration of security testingGood hands-on experience with Security Assessment toolsGood hands-on experience with embedded devicesExposure to Hardware protocols such as JTAG, UART, SPI, I2C, MQTT etc.Good understanding of types of Firmware such as RTOS, Full pledged Operating system etc.Good Knowledge in reverse engineering the application binaries such as .exe and ELF etc.Experience in conducting security assessments and penetration testing on IoT devicesShould be Proficient in IEEE 802.11 standards (Wi-Fi)Knowledge of WPA3, WPA2, and WEP encryption standardsFamiliarity with 802.1X for network access controlUnderstanding of VPN protocols (IPSec, L2TP, SSL/TLS)Experience in conducting security assessments and penetration testing on Wi-Fi devicesExperience in conducting security assessments and penetration testing on Bluetooth devicesFamiliarity with tools for Bluetooth security analysis (e.g., BlueZ, Blescanner, Wireshark)Understanding of security frameworks for wireless communications (e.g., IEEE 802.15.1)Experience on manual exploitation of vulnerabilities, generating the reports, pin-pointing the vulnerabilities and provide detail recommendations on vulnerability exploitationExposure to current security threats, specific to the application security*Experience/exposure to programming platforms such as Java /.Net/ C and C++, is an added advantage*Should have been involved in end to end application security testing for multiple products / projects / applications with good appreciation for SDLC and test life cycle.Certifications: CEH/OSCP/CSSLP/CISSP/GCIH/GPEN (at least one)Willing to occasionally travel domestically (Suzhou, Shenyang, Shenzhen) and international (Bangalore, The Netherlands)Languages: Mandarin and EnglishNote (*): highly recommended but non-mandatoryAbout Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
- Learn more about .
- Discover .
- Learn more about .