• Capture security needs at business level, define appropriate security target for the system, and build threat analysis, detailed security requirements.
• Define system’ security architecture: select / design appropriate solutions, techniques and technologies to meet the targeted security level.
• Work with experts, designers and developers to review detailed design and implementations
• Plan and coordinate security evaluations of the products with internal attack laboratory or external provider of security assessment.
• Follow evolutions in security related technologies such as cryptography, attacks techniques, security evaluation methodologies…
• Act as a thought leader across the department, providing deep expertise on one or some domain of expertise on security related topics and serving as an internal reference point your specialization.
• Follow evolution of the CAS/DRM product ecosystem regarding standards and technical trends so as to anticipate changes.
• Contribute to the Nagravision patent portofolio and innovation by designing new security mechanism and approaches
• Strong skills in applied cryptography and security protocols, with the ability to define new ones.
• Strong skills in extended areas of software security techniques, white box cryptography, hardening.
• A strong interest and some previous experience in the area of hacking and security are mandatory
• Transversal knowledge of CAS/DRM products with a focus on connected systems. Good understanding of their architecture and security foundation
• Previous experience or knowledge in one or some of the following area is a strong plus:
o Previous experience in the development of embedded system and a good understanding of low level software and hardware mechanism.
o Knowledge of related formalism and methodologies such as Common Criteria.