Embedded Systems Security Research Engineer

Location: Reading, United Kingdom

In fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible.

Together we offer fantastic opportunities for committed employees to learn and develop their career with us. At Thales UK, we research, develop, and supply technology and services that impact the lives of millions of people each day to make life better, and keep us safer. We innovate across the major industries of Aerospace, Defence, Security and Space. Your health and well-being matters to us and that’s why we offer you the flexibility to do what’s important to you; whether that’s part time hours, job sharing, home working, or the ability to flex your start and finish times. Where possible, we support a working pattern that suits your lifestyle and helps you reach your ambitions.

Embedded Systems Security Research Engineer

Location: Reading (Hybrid Working with minimum 3 days on-site)

Are you an experienced Embedded systems engineer with an interest and background in security? Do you have an inquisitive and technical problem-solving mind? Would you like to work in a supportive environment? Got your interest, then look no further…

Our Opportunity

We have an exciting opportunity in our Research, Technology and Innovation (RTI) business. The RTI function is at the centre of Thales UK supporting growth in all of the key market areas, and spearheading activity into future markets identified as growth opportunities. Due to a rapid period of growth we are looking to add an Embedded Systems Security Research Engineer to the team.

The successful candidate will carry out low to mid Technology readiness level (TRL) research and development activities for potential future products, in embedded security, for both civil and military applications.

As an Embedded Systems Security Research Engineer you will:

Be expected to work within a group of other research staff, as well as being self-motivated to work individually, and be flexible to adapt into new research areas and ways of working. The focus for this role is the security of the embedded platform, not secure embedded software development. Tasks are expected to include:

• Contribute to the development of preliminary security risk assessments and threat models for embedded platforms
• Contribute to defining, prototyping and testing security approaches and solutions against identified threats to embedded platforms, based on existing or emerging technologies.
• Contribute to evaluation of security solutions and assessment of relative merits of differing options against agreed threat profiles.
• Designing, prototyping and testing of security measures within embedded test solutions, including:
  • Development of embedded C / C++ / Rust
  • Setup and configuration of virtualisation and containerisation technologies for security (hypervisors, Kubernetes, etc)
  • Development of test scripts
  • Building and evaluating proof-of-concept demonstrators and prototypes
  • Integration with hardware,  including use of security mechanisms within the hardware
  • Integration with networks
  • Software and system testing
  • Software deployment in cloud infrastructure

About You

• The ability to listen to customers, interpret their needs, seek clarification and reach agreement, with a view to developing long lasting relationships.
• The ability to present and explain complex technical issues to management, colleagues and customers.
• The willingness and ability to work collaboratively as part of a team, whilst taking responsibility for individual tasks.
• The ability to analyse complex technical problems, exercise judgement and offer innovative, practical and compliant solutions in a timely manner.
• The ability to prioritise, manage the workload, be flexible, and work under pressure to demanding timescales
• The ability and willingness to continue to learn and develop technical skills, assisting others to do likewise where appropriate
• A balance of creative thinking/problem-solving with good engineering practice
• An appreciation of the challenges of safety and security critical constraints for system development and assurance.

Skills:
•    Experience of design and implementation of security mechanisms
•    The successful candidate will have a good level of understanding of embedded C and/or C++ and platform security concerns (secure boot, secure firmware updates, roots of trust, etc) as well as some of the following skills:

•     Rust
•     Python or similar scripting language
•     Real-Time embedded applications
•     Experience with real-time OS (e.g. FreeRTOS etc.)
•     Embedded Linux OS Development (e.g. Buildroot, Yocto, Driver Development etc.)
•     Linux application development
•     Linux networking
•     Arm processors
•     Android application development
•     MISRA / CERT C development practices

Whilst we have listed these skills, the successful candidate must be flexible to move to new opportunities as business objectives and workload dictate.
 

Qualifications/Experience:

• The ideal applicant would have several years of experience working with embedded software, with solution security responsibilities. However, the roles and responsibilities can be adjusted to fit, and a successful candidate will be supported to develop further.
• The successful candidate will typically have a fundamental technical understanding built on an Honours degree (minimum 2.1), a Master’s degree, or a PhD in a relevant discipline.
• We also expect candidates to be proficient in the use of standard PC-based office tools. We currently use Microsoft tools: Windows, Word, Excel, PowerPoint, Project & Visio.

Desirable:

Experience in one or more of the following areas:

• Mitre frameworks and tools (e.g. CAPEC, ATT@K, EMBED)
• Zero Trust security concepts
• Security assurance in critical environments
• Development using security solutions such as ARM Trusted Execution Environments (TEEs) or Separation Kernel Hypervisors
• Software Defined Radio
• Mobile application development
• Safety certification (e.g. Avionic or Automotive)
• Security certification (e.g. Common Criteria)
• Hardware debug and test
• Knowledge and experience in related areas, such as VHDL, firmware or electronic hardware, would be an advantage.
• Membership of a professional institution and professional engineering registration

Security Clearance statement 

Due to the nature of the work that we do at Thales, many of our roles are subject to security restrictions. This role requires you to be a UK National and achieve Security Clearance (SC) without any caveats. It would be advantageous if currently held, however, if not currently held, it is a requirement that the successful applicant undergo, achieve, and maintain SC Clearance prior to commencing employment. If approved by the MOD, a dual national from a Non-ITAR country may be considered. Please visit the UKSV website for further guidance.

To be eligible for full SC, you generally need to have resided in the UK for the last 5 years. In some circumstances, a minimum of 3 years’ residence in the UK over the last 5 years may be accepted, with additional overseas checks.

What We Can Offer

We’re committed to giving you opportunities to be your best. We believe in embracing the passion and potential of our people, and to achieve this we offer market leading training, development and experiences, along with the opportunity to be mentored and coached by some of the smartest minds in the industry. We hire from within as our first priority, so you’ll have a myriad of opportunities within our diverse, global organisation.

Flexibility:

Your health and well-being matter to us and that’s why we offer you the flexibility to do what’s important to you; whether that’s part time hours, job sharing, hybrid working, or the ability to flex your start and finish times. Where possible, we support a working pattern that suits your lifestyle and helps you reach your ambitions.

Benefits at Thales:

Alongside a competitive base salary, we offer a variable compensation plan bonus and benefits package, which includes;

• Half day every Friday, usually finishing around 13:00pm
• Hybrid working
• Pension Scheme
• 28 days annual leave (Plus Bank Holidays)
• Life Cover
• Progression and Development Opportunities
• 24/7 Employee Assistance Program and access to mental wellbeing app
• Employee discount shopping schemes on major brands and retailers
• Development focused targets and relocation support can be provided if required along with a variety of learning, development and career enhancement opportunities.

Thales is an equal opportunities employer and diversity and inclusion are integral to the success of Thales.

#LI-RS1

In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and/or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence required to apply for Baseline and Security Clearance please refer to the Defence Business Services National Security Vetting (DBS NSV) Agency.

At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working.

Thales UK is committed to providing an inclusive and barrier-free recruitment process. We will provide reasonable adjustments and support to ensure neuro-diverse applicants or those with a disability or long-term condition can be their best during the recruitment process. To request an adjustment, if you need this job advert in an alternative format or if you have any questions about the recruitment process, please contact Resourcing Ops for mid to senior roles, or the Early Careers Team for graduate and apprentice roles.

Great journeys start here, apply now!