(Senior) Security Engineer Linux based platform (m/f/d), Berlin

Mercedes-Benz Molsheim est une entreprise du groupe Daimler, spécialisée dans la transformation de véhicules industriels. 600 collaborateurs travaillent sur le site de Molsheim.

Missions

In our team, we are developing features and tools to secure the future infotainment system and its platform for Mercedes-Benz cars.

As a Platform Security Engineer in our Product Security team, you will:

• Research on different security aspects of our platform
• Design, implement and configure different platform security components and features across multiple layers of our platform which will pave the way of a secure Mercedes-Benz OS (MBOS) in future.
• You will be able to apply your diverse security know-how in range of topics like hardware security, kernel security, application security, network security, and cryptography.
• Automate and integrate security hardening testing for our infotainment platform in CI/CD
• Review and approve merge request for security configurations & settings for our platform
• Support other teams in implementing and enabling platform security features.

Your Profile

Education:

• Degree in Computer Science, Information Technology, Electrical Engineering or a comparable qualification.

Experience:

• Abilty to seek and understand the security needs and researching the possible solutions
• Proficiency in shell scripting, Python, C and C++
• Experience with system programming (Linux is preferred)
• Deep understanding and hands-on experience working with at least one of the well-known Linux Security Modules (Apparmor, SELinux, SMACK, TOMOYO)
• Hands-on experience in other Linux security mechanisms like Discretionary Access Control, Access Control Lists, Linux Capabilities, CGROUPS, namespaces, seccomp
• Experience hardening Linux based system using different kernel hardening mechanisms and familiarity with Linux Kernel hardening projects like grsecurity, Kernel Self Protection
• Experience working with version control system (preferably git), with continuous integration tool like Jenkins, and with docker-based environment
• Familiarity with one (or more) low level architecture (x86, ARM, etc.)
• Familiarity with low level inner-working of operating systems
• Familiarity with Secure Software Development
• Familiarity with open source licenses

Nice to have:

Very nice to have one or more of:

• Upstream development/patching experience to the Linux Kernel
• Experience contributing/backporting to linux-stable for any Linux Kernel Security projects like Crytograhpic subsystem, Linux Security Modules (Apparmor, SELinux, SMACK, TOMOYO), grsecurity, dm-verity, IMA, Kernel Self Protection
• Security vulnerability analysis experience
• Familiarity with Trust Zone and security aspects of different virtualization technologies
• Kernel module development experience (in any OS)

Personal skills:

• Strong ability to work independently and effectively in a team environment
• Proficiency in problem solving and can-do attitude
• Personal initiative, commitment, perseverance and resilience
• Well-developed communication and teamwork skills

Language skills:

• Proficient in English, German is a plus!