We’re looking for Security Assessors and Story Tellers
published on February 3, 2019
In the diversity of security evaluations Brightsight performs, we are looking for people who convincingly can explain the level of product security to our approval bodies.
For the full version of this vacancy see the following pdf file: CC Security Assessors
The essence of any security evaluation is understanding the security of a product and explaining whether this product meets a certain standard. Brightsight is looking for people who can support our evaluations with this.
One of the methods we use is the international standard for IT security evaluation, the Common Criteria. You will join our team of over 30 Common Criteria evaluators. These evaluators bring together all essential elements of the standard in each security evaluation. For each product they align the security evaluation requirements, the product security, and the judgement of the approval body. To that end, a complex balance must be achieved between security, convincing argumentation, customer needs, and the requirements of approval bodies.
Brightsight is looking for people who take pride in their ability to both understand the security of a product and assess it in the context of the requirements of a certain security level. We work for many different types of customers and approval organisations. This means the story told must be adapted to accommodate different stakeholders every time.
In this position, you will be part of the project team that performs evaluations. You will document the compliance of the product with the requirements and prepare the presentation of the conclusions for the approval bodies. Brightsight has experience with a wide range of products, such as Host Security Modules, e-passports, routers, integrated circuits, in-car devices, smart card banking applications, payment terminals, Javacard platforms and USB sticks.
To get up to speed for this position you will participate in the Brightsight Extensive Education Docket (BREED), a one-year training program on Methodology and Technology.
Our job requirements
We are looking for people with a master’s or Ph.D. degree in a technical field (Computer Science, Electronics, Physics, Mathematics). You must have a proven ability to communicate knowledge convincingly, both orally and in writing. Understanding methodological aspects is as important as understanding the technology. Understanding of system modelling is an advantage, as is experience with security evaluations. You have a good command of the English language.
How you can contact us
For more information, please contact Mark Balkenende, HR Manager, +31 15 2692500 or send your resume to firstname.lastname@example.org*.
* Using this number or email for marketing is not appreciated.