SGS Brightsight is part of SGS – the world's leading testing, inspection and certification company. At SGS Brightsight, we support companies in getting their products ready and in compliance with the latest security regulations and requirements. With over 35 years of experience in evaluating IT products in different industries, we evaluate these products against requirements set by governmental and private schemes. SGS Brightsight has been a Common Criteria and EMVCo hardware lab since 2002.
Job DescriptionWe are seeking a highly skilled and detail-oriented professional to join our team as a Common Criteria Evaluator. As a Common Criteria Evaluator, you will be responsible for evaluating and assessing the security functionality of information technology products based on the Common Criteria standard. Your role will involve conducting thorough evaluations, analyzing security documentation and providing detailed reports and recommendations. You will collaborate closely with cross-functional teams and contribute to the overall improvement of product security and compliance. We are looking for people with a fascination for IT security. You will join a multidisciplinary team to execute security evaluations on state-of-the-art products such as trusted execution environments, hypervisors, real-time operating systems, artificial intelligence, secure elements, network devices, key managers, and hardware security modules.
Responsibilities Perform comprehensive evaluations of information technology products based on the Common Criteria standard.Review and analyze security documentation, including security policies, specifications, and test plans.Conduct thorough assessments of security functionality, vulnerability analysis, and risk management practices.Utilize testing tools, methodologies, and frameworks to assess the security of products.Collaborate with product development teams to identify potential security vulnerabilities and propose mitigation strategies.Prepare detailed evaluation reports outlining findings, analysis, and recommendations.Stay updated on the latest developments in the field of Common Criteria and security evaluation methodologies.Collaborate with external evaluators, vendors, and clients to ensure compliance with relevant standards.Participate in the improvement and development of evaluation processes, methodologies, and best practices.QualificationsMust You have a Bachelor's or Master's degree in a technical field of study (computer science, telecommunications, electronics, physics, mathematics).You have strong analytical and problem-solving skills with attention to detail.You can work effectively both independently and collaboratively in a team environment.You have strong organizational skills with the ability to prioritize tasks and meet deadlines.You have English language skills.Solid understanding of security principles, cryptographic algorithms, and security protocols.Knowledge/experience in ISO27001, Common Criteria, SESIP, PSA, CSA, LINCE, NESAS, PCI.Knowledge/experience in Smartcards, HSM, ARM, cryptography, web, and networking technologies.Experience in conducting security evaluations, vulnerability assessments, or penetration testing.Additional InformationSGS Brightsight provides a very good training program, from the basics to expert level. We offer a supportive work environment that fosters professional growth and development. We offer a competitive salary package based on the candidate.
At SGS Brightsight you will:
Be part of a multicultural team with highly motivated colleagues from all over the world.Work for the recognized global leader in security evaluations.Work with all major developers on their latest innovations.Enjoy an informal and intellectually challenging work environment.
#J-18808-Ljbffr