Cyber Security Architect

About the job

Join an Israeli company, specializing in power metering and power quality monitoring equipment.

What You'll Be Doing

You’ll will be responsible for defining, designing, and guiding the implementation of end-to-end cyber protection architectures for the company’s next-generation industrial embedded products.

• Define the overarching cybersecurity architecture for the company's embedded industrial products, covering secure boot, firmware integrity, identity management, key storage, and communication protection.
• Lead the development of security requirements, policies, and hardening guidelines for firmware, hardware, and communication interfaces.
• Own the secure-by-design approach from concept to deployment, aligning with industry standards (e.g., NIST, CIP, IEC 62351, IEC 62443, IEC 61850, IEEE 1686, DLMS/COSEM security suites).
• Design and oversee implementation of embedded protection mechanisms such as:

o Secure boot & firmware authentication

o Secure storage / hardware root of trust

o Anti-tamper and anti-cloning techniques

o Runtime protection and anomaly detection

o Cryptographic key lifecycle management

• Review and guide secure coding practices for embedded teams (C/C++, secure memory handling, privilege separation, TrustZone, etc
• Architect and implement encrypted communication with external SCADA, EMS, and industrial control systems using protocols such as:

o TLS/DTLS, IPsec

o IEC 62351, IEC 61850 security

o DLMS/COSEM Security Suite 1/2/3

o Modbus/TCP Security, DNP3-SA

• Lead hands-on development and debugging of secure protocols on resource-constrained embedded devices.
• Ensure mutual authentication, certificate handling, and secure session lifecycle.
• Perform threat modeling (STRIDE, MITRE ATT&CK for ICS) and product-level risk assessments.

Requirements

7+ years of experience in embedded systems cybersecurity, secure firmware development, or embedded networking.

Strong proficiency in C/C++, embedded Linux and RTOS environments, and microcontroller security features (ARM TrustZone, hardware accelerators, secure elements).

Hands-on experience implementing cryptographic protocols, certificate management, and secure channel establishment.

• Proven capability to design end-to-end security architectures for complex embedded products.

• Experience defining cybersecurity requirements, policies, and secure development lifecycle (SDL) processes.

• Strong analytical and documentation skills, with ability to translate risks into practical engineering solutions.

Job No. 417643

CV to hilas@nisha.co.il