Posted:
1/6/2026, 2:49:36 AM
Location(s):
Ahmedabad, Gujarat, India ⋅ Karnataka, India ⋅ Gujarat, India ⋅ Pimpri-Chinchwad, Maharashtra, India ⋅ Bengaluru, Karnataka, India ⋅ Maharashtra, India
Experience Level(s):
Mid Level ⋅ Senior
Field(s):
IT & Security
Experience:
6–10 years
Key Skills:
• Extensive experience with threat modeling frameworks (STRIDE, TARA)
• Deep understanding of embedded system architectures (ARM/SoC, MCU)
• Expertise in secure boot and hardware root of trust evaluations
• Proficient in analyzing secure design and risk management methodologies
• Strong knowledge of compliance standards (RED, IEC 62443, ISO 27001)
• Ability to integrate architectural risk assessments with VAPT planning
• Skilled in attack surface analysis for complex embedded systems
• Experience with security assessment tools and architectural review platforms
• Excellent technical documentation and reporting skills
• Ability to mentor and guide engineering teams on secure design practices
• Strong analytical and problem-solving skills
• Proficient in developing detailed risk assessments and remediation plans
• Experience in reviewing hardware-software integration for security gaps
• Excellent communication skills for bridging technical and compliance teams
• Proactive in keeping current with emerging design vulnerabilities
Responsibilities:
• Lead comprehensive architecture reviews and threat modeling assessments
• Analyze device/system architecture for vulnerabilities impacting security
• Define clear test objectives and attack scenarios based on design flaws
• Translate architectural risks into actionable VAPT test cases
• Oversee and guide the development of detailed security risk assessments
• Collaborate with VAPT teams to ensure design vulnerabilities are tested
• Provide mentorship and technical guidance to engineering teams
• Document architectural weaknesses and recommend remediation measures
• Coordinate with compliance teams to ensure design evaluations align with RED 18031
• Develop and maintain comprehensive architecture review documentation
• Conduct periodic reviews and updates of threat models based on emerging risks
• Participate in security workshops and training sessions on secure design
• Evaluate secure boot, update processes, and hardware root of trust implementations
• Review integration points between hardware and software for potential flaws
• Present findings to both technical and non-technical stakeholders
Qualifications & Certifications:
• Bachelor’s or Master’s in Electronics, Embedded Systems, or Information Security
• Preferred: CISSP, CSSLP, or equivalent secure design certifications
• Familiarity with IEC 62443 and RED 18031 threat modeling practices is a plus
Website: https://arrow.com/
Headquarter Location: Kraków, Malopolskie, Poland
Employee Count: 10001+
Year Founded: 1935
IPO Status: Private
Industries: Information Technology ⋅ IT Infrastructure ⋅ IT Management ⋅ Software