Embedded Security Developer - North Lanarkshire

Embedded Security Developer - IT
Ref: 284 Date Posted: Monday 10 Nov 2025

The Embedded Security Developer will be responsible for ensuring the secure design and implementation of embedded firmware and software components within our product portfolio. This role involves applying secure coding practices, performing threat modeling, and ensuring compliance with industry standards and internal processes. The ideal candidate will have a strong background in embedded systems development and a passion for cybersecurity.

 

PRINCIPLE JOB RESPONSIBILITIES

  • Perform security requirements analysis
  • Conduct risk analysis and threat modelling
  • Ensure secure design principles are applied such as least privilege, defence in depth, and secure defaults
  • Ensure secure implementation of requirements and threat mitigations, including:
    • Follow secure coding guidelines to prevent common vulnerabilities (e.g., buffer overflows, injection flaws)
    • Application of Static Code Analysis to identify security vulnerabilities in code
    • Application of Software Composition Analysis to ensure supply chain security
    • Unit testing and code reviews
  • Defect analysis and remediation
  • Ensure compliance with internal processes and applicable standards (e.g., IEC 62443, ISO 27001)
  • Support internal and external audits as required
  • Drive continuous improvement by staying updated on emerging threats, tools, and best practices
  • Occasional travel may be required, such as training or customer support.
  • Other responsibilities or tasks that are within your skills and abilities, whenever reasonably instructed. The business reserves the right to make reasonable adjustments in line with business requirements. This job description is non-contractual and is for information and mutual understanding of both parties.

 

REQUIRED QUALIFICATIONS AND EXPERIENCE

  • Minimum 5 years of experience in developing embedded firmware
  • Engineering degree in Software, Computer Science, Cybersecurity or equivalent demonstrated knowledge.
  • Strong C/C++ programming skills
  • Understanding of encryption algorithms, key management, and secure protocols (TLS, SSH, etc.)
  • Strong understanding of common vulnerabilities (e.g., OWASP Top 10, CWE/SANS Top 25)
  • Familiarity with Linux, Windows, RTOS and network protocols (TCP/IP, DNS, HTTP/S)
  • Understanding of industrial protocols (e.g., Serial, Modbus, HART)
  • Knowledge of industry standards: IEC 62443, ISO 27001, NIST, OWASP
  • Experience implementing DevSecOps best practices; Azure DevOps experience is a plus
  • Self-directed and motivated in a team orientated environment


Download Job Profile

Cookies on this website
We to ensure that we give you the best experience on our website. If you wish you can restrict or block cookies by changing your browser setting. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on this website.

View our Cookie Policy

Accept Essential OnlyAccept All