Keysight Technologies
jobid=A.0.0313
pOverview: /ppKeysight is on the forefront of technology innovation, delivering breakthroughs and trusted insights in electronic design, simulation, prototyping, test, manufacturing, and optimization. Our ~15,000 employees create world-class solutions in communications, 5G, automotive, energy, quantum, aerospace, defense, and semiconductor markets for customers in over 100 countries. Learn more about what we do. /ppOur award-winning culture embraces a bold vision of where technology can take us and a passion for tackling challenging problems with industry-first solutions. We believe that when people feel a sense of belonging, they can be more creative, innovative, and thrive at all points in their careers. /ppAt Keysight Technologies, we’re at the forefront of secure product testing and certification, enabling the world’s leading semiconductor and device manufacturers to bring trustworthy, high-assurance technologies to market. Whether it’s payment chips, embedded secure elements, or complex System-on-Chips, our expertise helps customers demonstrate compliance with the most stringent global security standards — from Common Criteria (CC) and EMVCo, to GlobalPlatform, SESIP, and beyond. /ppOur Security Evaluation Lab is a highly skilled, international team of specialists with backgrounds in hardware, software, and embedded security. We combine deep technical expertise with a thorough understanding of certification schemes, helping customers meet both technical robustness and regulatory requirements. We regularly collaborate with certification bodies and other ITSEFs around the world. /ppResponsibilities: /pulliLead and execute vulnerability analysis and penetration testing campaigns on secure hardware products (e.g., Secure ICs, Secure Sub-Systems in SoCs) in accordance with certification schemes like Common Criteria (PP0084, PP0117) and EMVCo. /liliDesign, plan, and document test strategies and test plans aligned with scheme-specific requirements (e.g., JIL, AVA_VAN.5, EMVCo attack paths). /liliPerform and guide fault injection (FI) and side-channel analysis (SCA) testing (e.g., laser, EM, voltage, glitching), and analyze collected traces for vulnerability identification. /liliConduct in-depth hardware design reviews, including schematics, layout, and countermeasure analysis, to assess resistance against physical and logical attacks. /liliAnalyze and reverse-engineer bootloaders, embedded software, and firmware using Assembly, C/C++, and scripting tools. /liliReview and assess RTL code (e.g., Verilog, VHDL) to identify potential architectural and implementation-level weaknesses. /liliDocument findings in technical reports and certification deliverables in a clear, structured, and evidence-driven manner, suitable for submission to certification bodies and scheme owners. /liliTechnically lead evaluation teams by assigning tasks, reviewing technical deliverables, and ensuring conformance with certification expectations and project timelines. /liliAct as a subject-matter expert for hardware-based evaluations, engaging with customers and certification authorities to explain findings and defend evaluation results. /liliProvide guidance and mentoring to junior colleagues by reviewing their analysis results and offering coaching rooted in certification scheme expectations. /liliMaintain and share up-to-date knowledge on certification scheme developments, vulnerability classes, and evaluation methodologies relevant to the secure product certification domain. /liliTranslate vulnerability analysis findings into clear and actionable input for the security testing team, aligning results with applicable scheme thresholds and evaluation metrics. /li /ulpQualifications: /pulliA completed academic degree (BSc/MSc) in Electrical Engineering, Embedded Systems, or Computer Engineering. /liliAt least 5 years of technical, hands-on experience in hardware security evaluations, including: /liliSecurity assessments on Smart Cards, Secure ICs, and Secure Sub-Systems in SoC (PP0117). /liliLeading and performing fault injection and side-channel analysis, including attack potential rating and threshold testing as per JIL or EMVCo requirements. /liliDeep familiarity with Common Criteria (PP0084, PP0117), JIL hardware attack methods, or EMVCo Security Evaluation Process. /liliExperience in evaluating bootloaders, embedded code, and proprietary protocols. /liliExpert-level skills in: /liliEmbedded programming: Assembly, C, C++ /liliHardware design review: PCB schematics, layout files, protection mechanisms /liliRTL code analysis: Verilog, VHDL /liliWorking with hardware security lab equipment: oscilloscopes, lasers, EM probes, FI tooling /liliStrong technical documentation and reporting skills; able to translate complex technical findings into certification-ready reports. /liliComfortable working with multidisciplinary teams (hardware, software, crypto, compliance) and interfacing with both technical and scheme-level stakeholders. /liliWilling to travel occasionally to customer locations or certification authority meetings across Europe, North America, or Asia /li /ul
