Dieses Stellenangebot ist nicht mehr verfügbar
Über
Duration: 1-3 Months (Flexible)
Project Overview:
I'm seeking an experienced Freelance Cybersecurity Analyst to conduct a comprehensive IoT system analysis and threat modelling exercise, ensuring compliance with EN and EN standards (experience with those standards are not required, but highly appreciated). This project focuses on evaluating the security posture of our IoT-enabled hardware products and associated systems.
Responsibilities:
IoT System Analysis: Conduct a thorough analysis of our IoT devices and their integration, to identify potential vulnerabilities and security risks.
Threat and Risk Modeling:
Apply established methodologies, including STRIDE preferable or NIST Risk Management Framework or OCTAVE, to identify and assess potential threats.
Conduct detailed STRIDE analysis, emphasizing its application to IoT hardware, firmware and software components.
Develop comprehensive threat models and risk assessment reports, outlining identified vulnerabilities and recommended mitigation strategies.
Compliance Assessment: Ensure that our IoT products meet the requirements of EN and EN standards.
Documentation: Prepare detailed reports documenting the system analysis, threat models, risk assessments, and compliance findings.
Recommendations: Provide actionable recommendations for improving the security posture of our IoT products.
Required Skills and Experience:
Proven experience as a Cybersecurity Analyst, with a strong focus on IoT security.
In-depth knowledge of threat and risk modelling methodologies, particularly STRIDE.
Experience conducting IoT system analysis and security assessments.
Understanding of EN and EN standards is a benefit.
Experience with hardware-based products is a large benefit.
Excellent analytical and problem-solving skills.
Strong written and verbal communication skills.
Ability to work independently and meet deadlines.
Proactive approach and open communication
Preferred Qualifications:
Experience with specific IoT security protocols and technologies.
Experience with hardware reverse engineering.
Experience with hardware pen-testing.
Deliverables:
Detailed IoT system analysis report.
Comprehensive threat models and risk assessment reports (including STRIDE analysis).
Compliance assessment report (EN and EN evidence spreadsheet).
Gap analysis report
Actionable recommendations for security improvements.
How to Apply:
1. Please submit your previous experience in cybersecurity Include examples of previous threat modeling or system analysis work, especially those related to IoT.
2. Provide examples: Share samples of your reports and deliverables.
3. Emphasize your understanding of EN and EN : If you have direct experience with these standards, make sure to mention it. A lack of experience in those standards is not disqualifying. Standards will be delivered to you.
4. A lists of content of these standards are available for free. Make sure you take a look before applying. Google: " preview pdf"
Contract duration of 1 to 3 months.
Mandatory skills: Security Analysis, Tech & IT, Regulatory Compliance, Cybersecurity Management
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot wurde von einem unserer Partner veröffentlicht. Sie können das Originalangebot einsehen hier.