Job Title

eInfochips (An Arrow Company):eInfochips, an Arrow company (A $27.9 B, NASDAQ listed (ARW); Ranked #154 on the Fortune List), is a leading global provider of product engineering and semiconductor design services. 25+ years of proven track record, with a team of over 2500+ engineers, the team has been instrumental in developing over 500+ products and 40M deployments in 140 countries. Company’s service offerings include Silicon Engineering, Embedded Engineering, Hardware Engineering & Digital Engineering services. eInfochips services 7 of the top 10 semiconductor companies and is recognized by NASSCOM, Zinnov and Gartner as a leading Semiconductor service provider.Location: Ahmedabad & PuneExperience: 8–14 yearsKey Skills: • Extensive experience with threat modeling frameworks (STRIDE, TARA) • Deep understanding of embedded system architectures (ARM/SoC, MCU) • Expertise in secure boot and hardware root of trust evaluations • Proficient in analyzing secure design and risk management methodologies • Strong knowledge of compliance standards (RED, IEC 62443, ISO 27001) • Ability to integrate architectural risk assessments with VAPT planning • Skilled in attack surface analysis for complex embedded systems • Experience with security assessment tools and architectural review platforms • Excellent technical documentation and reporting skills • Ability to mentor and guide engineering teams on secure design practices • Strong analytical and problem-solving skills • Proficient in developing detailed risk assessments and remediation plans • Experience in reviewing hardware-software integration for security gaps • Excellent communication skills for bridging technical and compliance teams • Proactive in keeping current with emerging design vulnerabilitiesResponsibilities: • Lead comprehensive architecture reviews and threat modeling assessments • Analyze device/system architecture for vulnerabilities impacting security • Define clear test objectives and attack scenarios based on design flaws • Translate architectural risks into actionable VAPT test cases • Oversee and guide the development of detailed security risk assessments • Collaborate with VAPT teams to ensure design vulnerabilities are tested • Provide mentorship and technical guidance to engineering teams • Document architectural weaknesses and recommend remediation measures • Coordinate with compliance teams to ensure design evaluations align with RED 18031 • Develop and maintain comprehensive architecture review documentation • Conduct periodic reviews and updates of threat models based on emerging risks • Participate in security workshops and training sessions on secure design • Evaluate secure boot, update processes, and hardware root of trust implementations • Review integration points between hardware and software for potential flaws • Present findings to both technical and non-technical stakeholdersQualifications & Certifications: • Bachelor’s or Master’s in Electronics, Embedded Systems, or Information Security • Preferred: CISSP, CSSLP, or equivalent secure design certifications • Familiarity with IEC 62443 and RED 18031 threat modeling practices is a plus