Description

We are seeking a highly skilled and detail-oriented professional to join our team as a Common Criteria Evaluator. As a Common Criteria Evaluator, you will be responsible for evaluating and assessing the security functionality of information technology products based on the Common Criteria standard. Your role will involve conducting thorough evaluations, analyzing security documentation and providing detailed reports and recommendations. You will collaborate closely with cross functional teams and contribute to the overall improvement of product security and compliance. We are looking for people with a fascination for IT security. You will join a multidisciplinary team to execute security evaluations on state-of-the-art products such as, trusted execution environment, hypervisor, real time operating systems, artificial intelligence, secure elements, network devices, key managers, hardware security modules etc.

Responsibilities 

• Perform comprehensive evaluations of information technology products based on the Common Criteria standard
• Review and analyze security documentation, including security policies, specifications and test plans
• Conduct thorough assessments of security functionality, vulnerability analysis and risk management practices
• Utilize testing tools, methodologies and frameworks to assess the security of products
• Collaborate with product development teams to identify potential security vulnerabilities and propose mitigation strategies
• Prepare detailed evaluation reports outlining findings, analysis and recommendations Stay updated on the latest developments in the field of Common Criteria and security evaluation methodologies
• Collaborate with external evaluators, vendors and clients to ensure compliance with relevant standards
• Participate in the improvement and development of evaluation processes, methodologies and best practices Provide guidance and support to internal teams reg

Qualifications

Must 

• You have a Bachelor's or Master's degree in a technical field of study (computer science, telecommunications, electronics, physics, mathematics)
• You have strong analytical and problem solving skills with attention to detail
• You can work effectively both independently and collaboratively in a team environment
• You have strong organizational skills with the ability to prioritize tasks and meet deadlines You have English language skills

Desired 

• Solid understanding of security principles, cryptographic algorithms and security protocols
• Knowledge/experience in ISO27001, Common Criteria, SESIP, PSA, CSA, LINCE, NESAS, PCI
• Knowledge/experience in Smartcards, HSM, ARM, cryptography, web, networking technologies
• Experience in conducting security evaluations, vulnerability assessments or penetration testing

Additional Info

SGS Brightsight provides a very good training program, from the basics to expert level We offer a supportive work environment that fosters professional growth and development We offer a competitive salary package based on the candidate.

At SGS Brightsight you will:

• Be part of a multicultural team with highly motivated colleagues from all over the world
• Work for the recognized global leader in security evaluations
• Work with all major developers on their latest innovations
• Enjoy an informal and intellectually challenging work environment

Company Description

SGS Brightsight is part of SGS – the world's leading testing, inspection and certification company. At SGS Brightsight, we support companies in getting their products ready and in compliance with the latest security regulations and requirements. With over 35 years of experience in evaluating IT products in different industries, we evaluate these products against requirements set by governmental and private schemes. SGS Brightsight has been a Common Criteria and EMVCo hardware lab since 2002.