Senior Security Infrastructure Engineer/ KMS (m/f/d)

HARMAN’s engineers and designers are creative, purposeful and agile. As part of this team, you’ll combine your technical expertise with innovative ideas to help drive cutting-edge solutions in the car, enterprise and connected ecosystem. Every day, you will push the boundaries of creative design, and HARMAN is committed to providing you with the opportunities, innovative technologies and resources to build a successful career.A Career at HARMANAs a technology leader that is rapidly on the move, HARMAN is filled with people who are focused on making life better. Innovation, inclusivity and teamwork are a part of our DNA. When you add that to the challenges we take on and solve together, you’ll discover that at HARMAN you can grow, make a difference and be proud of the work you do everyday.About the RoleWe’re looking for a Senior Security Infrastructure Engineer/ KMS to join our Global Product Cybersecurity. The security team has the charter to define external and internal interfaces for secure provisioning and trusted computing base TCB) updates of our embedded products and platforms.As part of our work on foundational security and to enable Trusted Execution Environments, we are building the security infrastructure services necessary to support secure device provisioning and lifecycle management for the SOC-Integrated Root of Trust (RoT), and manage the trusted elements of the platform.If you are passionate about Product Security and want to develop solutions that will secure our enterprise across all Automotive lines of business, then we want to talk to you.What You Will DoCollaborate closely with the Automation and SSDLC team to enable product security to be proactive part of our product development and maintenance processLead the design, development, and deployment of security infrastructure services for key management, manufacturing provisioning, certificate authority, and code signingLead the design and development of APIs, protocols and services for enumeration, configuration and management of platform assetsLead the development of policies and procedures associated with key generation / managementInterface with manufacturing partners to install, troubleshoot and debug security provisioning aspectsInterface and lead SW teams to build the components required for hosting the services along with any SDKs required for partnersDay-to-day operations of security infrastructure servicesWhat You NeedBachelor or Master Degree in Computer Science or a technical subject area, with 4+ years of industry experience in a developer role with security backgroundProficiency programming in C/C++/Java or equivalent UI capable language and/or programming in Python or equivalent scripting languageFull stack developer with fault-tolerant systems experience and security backgroundKnowledge of hardware security module (HSM) appliance integration and coding for code signing services, secure payload decryption, certificate signing, device ID generation, etc.Ability to understand complex vehicle systems, identify their attack surface and prioritize attack vectorsExperience with integrating remote systems with automatic test equipment (ATE)Operational experience in deploying and maintaining an HSM, code-signing, access control management, web services deployment, software upgrades, CI/CD flowsUnderstanding of security flows, key generation, secure key delivery, access control tokens, key cards, n of m quorums, and other secure processesUnderstanding of crypto primitives such as keys, signatures, certificates, etc.VPN, SSL, secure connection experience (programming and configuration)Strong German language levelAbility to communicate openly and empathetically, and a strong team playerBold, innovative and enjoy challenging yourselfWhat is Nice to HaveAutomotive cybersecurity experience (preferably from Tier-1 or OEM)Experienced with Docker, containerization, microservices, ECS, Kubernetes, CloudHSM6+ years’ in the encryption and key management security disciplineExperience in IoT / Embedded systems security engineeringActive participation of conferences, consortiums, CTFs (capture the flag) or publications, blogs or repositories of past Cybersecurity workWhat We Offer HARMAN offers a diverse and inclusive work environment that fosters and encourages career development opportunities, professional training and competitive market base compensationYou will also receive top-notch employee discounts on Harman’s Consumer Audio (JBL, AKG, HARMAN Kardon) and Samsung productsFlexible work schedule with a culture encouraging work life integration and collaboration in a global friendly working atmosphere and good work-life-balanceAttractive salary package based on the Metall & Elektro Tarif Baden Wurttemberg and an Employer contribution towards a company pension planProfessional development opportunities through HARMAN University’s business and leadership academies which also includes extensive technical trainingsInternal talent management leadership acceleration programs“Be Brilliant” employee recognition and rewards programHARMAN is proud to be an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard torace, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.