Senior Security Evaluator - Hardware

Overview
Keysight   is on the forefront of technology innovation, delivering breakthroughs and trusted insights in electronic design, simulation, prototyping, test, manufacturing, and optimization. Our ~15,000 employees create world-class solutions in communications, 5G, automotive, energy, quantum, aerospace, defense, and semiconductor markets for customers in over 100 countries. Learn more   about what we do.
Our   award-winning   culture embraces a bold vision of where technology can take us and a passion for tackling challenging problems with industry-first solutions. We believe that when people feel a sense of belonging, they can be more creative, innovative, and thrive at all points in their careers.
At  Keysight Technologies , we’re at the forefront of  secure product testing and certification , enabling the world’s leading semiconductor and device manufacturers to bring  trustworthy, high-assurance technologies  to market. Whether it’s payment chips, embedded secure elements, or complex System-on-Chips, our expertise helps customers demonstrate compliance with the most stringent global security standards — from  Common Criteria (CC)  and  EMVCo , to  Global Platform ,  SESIP , and beyond.
Our  Security Evaluation Lab  is a highly skilled, international team of specialists with backgrounds in  hardware, software, and embedded security . We combine deep technical expertise with a thorough understanding of  certification schemes , helping customers meet both  technical robustness  and  regulatory requirements . We regularly collaborate with certification bodies and other ITSEFs around the world.

Responsibilities
Lead and execute  vulnerability analysis and penetration testing campaigns  on secure hardware products (e.g., Secure ICs, Secure Sub-Systems in SoCs) in accordance with certification schemes like  Common Criteria (PP0084, PP0117)  and  EMVCo .
Design, plan, and document  test strategies and test plans  aligned with scheme-specific requirements (e.g., JIL, .5, EMVCo attack paths).
Perform and guide  fault injection (FI)  and  side-channel analysis (SCA)  testing (e.g., laser, EM, voltage, glitching), and analyze collected traces for vulnerability identification.
Conduct in-depth  hardware design reviews , including  schematics, layout, and countermeasure analysis , to assess resistance against physical and logical attacks.
Analyze and reverse-engineer  bootloaders , embedded software, and firmware using  Assembly ,  C/C++ , and  scripting tools .
Review and assess  RTL code (e.g., Verilog, VHDL)  to identify potential architectural and implementation-level weaknesses.
Document findings in  technical reports and certification deliverables  in a clear, structured, and evidence-driven manner, suitable for submission to certification bodies and scheme owners.
Technically lead evaluation teams by assigning tasks, reviewing technical deliverables, and ensuring conformance with certification expectations and project timelines.
Act as a subject-matter expert for  hardware-based evaluations , engaging with customers and certification authorities to explain findings and defend evaluation results.
Provide guidance and mentoring to junior colleagues by reviewing their analysis results and offering  coaching rooted in certification scheme expectations .
Maintain and share  up-to-date knowledge on certification scheme developments, vulnerability classes, and evaluation methodologies  relevant to the secure product certification domain.
Translate vulnerability analysis findings into clear and actionable input for the  security testing team , aligning results with applicable scheme thresholds and evaluation metrics.

Qualifications
A completed academic degree (BSc/MSc) in  Electrical Engineering, Embedded Systems, or Computer Engineering .
At least 5  years of technical, hands-on experience  in  hardware security evaluations , including:
Security assessments on  Smart Cards, Secure ICs, and Secure Sub-Systems in SoC (PP0117) .
Leading and performing  fault injection and side-channel analysis , including attack potential rating and threshold testing as per JIL or EMVCo requirements.
Deep familiarity with  Common…