IoT Security Specialist (The Guardian of Connected Systems)
Unreal Gigs, San Francisco, CA, United States
Are you passionate about safeguarding the vast network of interconnected devices that power smart cities, industrial IoT, and home automation systems? Do you thrive on designing security protocols that protect IoT ecosystems from cyber threats and vulnerabilities? If you’re excited about securing the future of the Internet of Things, then our client has the ideal role for you. We’re looking for an IoT Security Specialist (aka The Guardian of Connected Systems) to ensure that IoT devices, networks, and platforms are safe, resilient, and secure against the growing landscape of cyber threats.
As an IoT Security Specialist at our client, you will work closely with IoT developers, network engineers, and security teams to design and implement robust security frameworks for IoT devices and systems. From encrypting communication channels to ensuring secure device onboarding, you will be responsible for protecting IoT ecosystems from vulnerabilities, breaches, and attacks.
Key Responsibilities:
- Develop and Implement IoT Security Strategies: Design and implement end-to-end security protocols that protect IoT devices, networks, and data. You’ll ensure that IoT systems are secure from vulnerabilities such as unauthorized access, man-in-the-middle attacks, and data breaches.
- Device Authentication and Secure Onboarding: Develop secure methods for authenticating IoT devices during onboarding, ensuring that only trusted devices are allowed to join networks. You’ll use technologies like PKI (Public Key Infrastructure), secure boot, and multi-factor authentication to establish trust.
- Encrypt Communication Channels and Data: Implement encryption protocols to secure communication between IoT devices, gateways, and cloud platforms. You’ll ensure that data in transit and at rest is encrypted using standards such as AES, TLS, or IPSec.
- Vulnerability Assessments and Penetration Testing: Conduct vulnerability assessments and penetration testing on IoT systems to identify security weaknesses. You’ll work with development teams to fix vulnerabilities and implement patches to protect against known threats.
- Collaborate on Secure IoT Device Design: Work closely with hardware and software engineers to design secure IoT devices from the ground up. You’ll provide input on secure hardware modules, firmware protection, and secure coding practices to reduce the attack surface of devices.
- Monitor and Respond to IoT Security Incidents: Develop real-time monitoring tools and response plans for IoT security breaches. You’ll work with security operations teams to detect threats, mitigate attacks, and implement incident response protocols for compromised IoT systems.
- Ensure Regulatory Compliance and Standards: Ensure that IoT solutions comply with industry security standards and regulations, such as GDPR, HIPAA, and NIST. You’ll develop strategies to align IoT security practices with global and industry-specific compliance requirements.
Required Skills:
- IoT Security Expertise: Strong experience in securing IoT devices, networks, and ecosystems. You’re skilled in designing security architectures that protect IoT systems from cyberattacks and vulnerabilities.
- Encryption and Cryptography: Expertise in encryption protocols and cryptography, including the use of AES, TLS, IPSec, and PKI. You know how to secure communication channels and protect sensitive data.
- Device Authentication and Access Control: Experience in designing secure device authentication methods, such as secure boot, multi-factor authentication, and certificate-based access control.
- Penetration Testing and Vulnerability Assessments: Strong knowledge of vulnerability assessment tools and penetration testing techniques. You’re skilled at identifying and mitigating security risks in IoT systems.
- Collaboration and Communication: Excellent collaboration skills, with the ability to work with cross-functional teams, including hardware engineers, software developers, and network security teams. You can explain complex security concepts to both technical and non-technical stakeholders.
Educational Requirements:
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Security, or a related field. Equivalent experience in IoT security is highly valued.
- Certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified IoT Security Practitioner (CIoTSP) are a plus.
Experience Requirements:
- 3+ years of experience in cybersecurity, with hands-on experience securing IoT systems and devices in production environments.
- Proven track record of designing and implementing IoT security frameworks for industries such as smart cities, healthcare, manufacturing, or automotive.
- Experience with IoT communication protocols (e.g., MQTT, CoAP, BLE) and IoT platforms (AWS IoT, Azure IoT, Google Cloud IoT) is highly desirable.