Firmware Security Analyst

Key Responsibilities:

• SDL Policy Adherence: Ensure firmware development aligns with Fluke's Security Development Lifecycle (SDL), embedding security best practices from the start
• Cross-Functional Security Collaboration: Partner with global development teams to embed security into product design, development, and testing
• Automate Security Scans: Collaborate with DevOps to integrate automated security scans into CI/CD pipelines and address vulnerabilities quickly
• Establish Security Requirements: Define and communicate security requirements for firmware projects to guide development teams
• Prioritize and Track Remediations: Assess and prioritize remediation based on risk, compliance, and product impact; track resolution status
• Incident Response Participation: Contribute firmware security expertise to investigate, contain, and resolve security incidents
• Compliance and Reporting: Track adherence to SDL policies and generate regular security compliance and posture reports for management

Qualifications and Experience:

• Strong understanding of firmware development and secure development lifecycle (SDL) principles
• Hands-on experience with firmware security scanning tools such as Binwalk and Firmware Analysis Toolkit
• Familiarity with DevOps workflows and integrating security tools into CI/CD pipelines
• Proven ability to collaborate with remote, global development teams and influence security implementation
• Excellent written and verbal communication skills to convey complex security concepts effectively
• Strong analytical mindset and attention to detail for vulnerability prioritization and remediation
• Experience participating in incident response for embedded or firmware-related systems

Education:

• Bachelor's degree in Cybersecurity, Computer Engineering, or related field, or equivalent work experience
• Preferred certifications: CEH, GSEC, or similar cybersecurity credentials