Logo NXP Semiconductors Austria

Software Security Analyst

New

Job

  • Level
    Senior
  • Job Field
    IT, Embedded, Security
  • Employment Type
    Full Time
  • Contract Type
    Permanent employment
  • Location
    Gratkorn
  • Working Model
    Onsite
  • Job Summary

    In this role, you will perform in-depth analysis of embedded systems, identify security vulnerabilities at the low-level, and integrate modern AI methods to enhance security analysis workflows.

    Job Technologies

    Your role in the team

    • We are seeking a Senior Embedded Security Vulnerability Analyst to perform deep technical analysis of embedded systems, focusing on identifying and understanding vulnerabilities at the hardware/software boundary.
    • You will analyze low-level firmware, boot code, and system components to uncover exploitable weaknesses and work closely with development teams to drive secure designs.
    • The role requires a strong systems mindset, curiosity for attack techniques, and the ability to reason about complex execution environments.
    • You will also leverage and help shape modern analysis approaches, including AI-assisted vulnerability discovery workflows, to improve both depth and scalability of analysis.
    • If you are already exploring how LLMs and agentic workflows can augment deep code and system analysis, this role provides an opportunity to apply and advance these approaches in a real-world embedded security setting.
    • Perform in-depth vulnerability analysis of embedded software (bare-metal, RTOS, trusted execution environments).
    • Analyze boot flows, privilege boundaries, and security-critical components (e.g., crypto libraries, key handling, isolation mechanisms).
    • Conduct root cause analysis and assess exploitability and impact of identified weaknesses.
    • Support security certifications and evaluations (e.g., PSA, SESIP, Common Criteria).
    • Analyze PSIRT incidents and derive structural improvements.
    • Develop and apply analysis methodologies and tooling (static analysis, fuzzing, scripting, automation).
    • Apply and evaluate AI-assisted techniques for code analysis and vulnerability discovery (e.g., LLM-based workflows).
    • Design and refine workflows that combine traditional analysis (static and dynamic) with AI-assisted approaches.
    • Research and evaluate emerging attack techniques relevant to embedded systems.
    • Collaborate with development teams to translate findings into concrete mitigations.

    This text has been machine translated. Show original

    Our expectations of you

    Education

    • Degree in Electrical Engineering, Computer Science, Mathematics, or related field.

    Qualifications

    • Strong understanding of low-level system behavior (memory layout, interrupts, privilege levels, concurrency).
    • Vertrautheit mit statischen und dynamischen Analysetools, Fuzzing oder symbolischer Ausführung.
    • Understanding of common vulnerability classes (memory corruption, logic flaws, side channels).
    • Strong analytical thinking and curiosity about how systems fail under adversarial conditions.
    • Ability to work independently and drive complex technical investigations.
    • Interest in combining deep technical analysis with modern AI-assisted techniques.
    • Clear communication of technical findings and risks to diverse audiences.
    • Collaborative mindset when working with development and architecture teams.

    Experience

    • Solid experience in C programming; familiarity with ARM and/or RISC-V architectures.
    • Experience with assembly-level debugging and analysis.
    • Experience with vulnerability research, reverse engineering, or exploit development.
    • Experience with debugging interfaces (e.g., JTAG, trace, GDB).
    • Experience using or evaluating AI-assisted code analysis or vulnerability discovery tools.
    • Experience building or integrating automated analysis workflows (e.g., scripting, pipelines, agent-based approaches).
    • Rust experience or interest in memory-safe system design.

    This text has been machine translated. Show original

    What we offer

    • The successful candidate may/will be responsible for security-related tasks.
    • The assignment may/will be in scope of security certifications, therefore a conscious and reliable way of working is necessary.
    • For applications in Gratkorn: NXP provides market competitive compensation according to the benchmarking of the electronic and semiconductor industry.
    • Due to the Austrian Equal Treatment Act, we are obliged to specify the employment group of our applicable collective bargaining agreement (CBA) "Kollektivvertrag für Angestellte Gewerbe und Handwerk und in der Dienstleistung." This position (full-time) is classified in Employment Group V.
    • Your individual experiences and expectations will be considered in the application process.
    • Moreover, we provide attractive benefits to our employees such as home office, flexible working hours, meal benefits, and more.

    This text has been machine translated. Show original

    Benefits

    Work-Life-Integration

    Food & Drink

    More net

    Health, Fitness & Fun

    Topics that you deal with on the job

    Job Locations

    Map of company locations
    • Location Gratkorn

      8101 Steiermark

      Austria

    This is your employer

    NXP Semiconductors Austria

    NXP Semiconductors Austria

    Gratkorn

    NXP Semiconductors is a global leader in microelectronics with subsidiaries in more than 25 countries. The Gratkorn site near Graz is the Austrian headquarters of the international group and the competence center for secure contactless identification systems.

    Description

  • Founding year
    2006
  • Language
    English
  • Company Type
    Established Company
  • Working Model
    Full Remote, Hybrid, Onsite
  • Industry
    Industry, Production
  • Dev Reviews

    by devworkplaces.com

    Total

    (2 Reviews)
    3.7
    • Engineering

      3.4
    • Culture

      3.7
    • Workingconditions

      4.2
    • Career Growth

      3.5
    Show All Dev Reviews
    Logo NXP Semiconductors Austria

    Software Security Analyst

    Location
    Gratkorn
    Working Model
    Onsite
    Diversity
    Open for all genders
    English Only
    English only required

    More Jobs