Job content
You will join a team responsible for security certification for Samsung mobile, IoT and network devices. You will be working within an established team which specialises in the security devices and solutions. You will be responsible for providing expertise in the area of security certifications to address near and long term requirements of government customers across the globe.
As you will be working in a team, it is essential to have good inter-personal and communications skills. Role holder needs good understanding of the Security Certification process including latest security technologies and processes. You will assist remaining Samsung teams across the business units in understanding underlying process and options.
The main tasks you are expected to perform include:
Process involved in getting Samsung products and solutions certified for various government agencies across the globe. Working with Government agencies and Advisory bodies to address overall local requirements of cyber security and ensure that Samsung products and services are recognised as Secure and Samsung being trusted partner.Liaise with internal stake holders including local subsidiary (B2B Sales and Tech Support teams) and Samsung R&D teams. In particular keep up to date with government IT security requirements and work the Product Management and R&D teams to educate them with requirements and influence product roadmap ensuring consistent security.Understand Samsung’s security platforms, products and solutions including advance innovations, enabling easier adoption and approval by the government IA team and customers. Products and Solutions include and not limited to, Mobile, Wearable, IoT, Healthcare, Automobile, eID and Finance.Create all necessary documents which describe the overall process and share with business stake holders.Create necessary documents to describe issues encountered in effective manner to get right support from development teams.Understand detailed security characteristics for device/function/equipment to be certified and prepare them to meet those characteristics with the help development team. Create necessary documents describing security of product/function/equipment.Create overall plan to get certification, own and execute the plan.Travel to attend meetings with certification bodies and customers.Timely provision of written progress reports to your team leader.All work is to be of a professional standard, paying due regard to safety, efficiency, cost effectiveness, time scales and the needs of the company. Skills and Experience Required:
A degree in Computing and Communications or any related discipline (an equivalent period of industrial experience may be substituted).Strong experience in Security Accreditation and Assurance activity including CC,FIPS, CPA, CSPN, BSPA etc.,Able to create accreditation strategy, good understanding of security architecture, security evaluation, Threat and Risk assessment experience.Knowledge of various device security attack vectors including Apps, Browser, connectivity, device management, networking, local storage etc.,Necessary documentation skills required to create technical documents, process documents and day-to-day documents including PowerPoint’s.A high degree of self motivation, and a proactive approach to problem resolution.A good level of inter-personal and communication skills.Good analytical and logical thinking capability.
Desirable
Specialist degree in IT security is desirable.Mobile device and Network security certification experience is highly desirable.Have established contacts with certification bodies.In particular Android and Linux security experience is bonus.Having knowledge of software design and development methodologies will be a plus point.Knowledge of C & C++ programming language (at least 3 years’ experience). This experience is necessary to understand existing code and write test code to verify security requirements.Able to writing code to create test module to verify security requirements.16. Working experience within an organisation that develops real time embedded handset software.The desire and the ability to work within a team structure and to take responsibility for your own work.