Product Security Analyst

Toradex · Campinas, São Paulo, Brazil · Engineering

Posted 2026-07-16

Apply for this role →

Overview

As a Product Security Analyst at Toradex, you’ll be responsible for the implementation, validation, and maintenance of security features in Toradex’s embedded software stack. That means hands-on, low-level work with bootloaders, Linux kernel security features, secure software updates and more.

We aim to make embedded software development easy and approachable, which means that our engineers have to go beyond just feature enablement. Your work will involve making the developer experience of working with low-level security features as smooth as it possibly can be. You’ll work on systems used in critical industries like healthcare, industrial automation, and robotics.

Responsibilities

Security feature enablement

Bring up security features on new hardware. Every new product we release, we strive to have a uniform, straightforward experience for enabling basic hardware security features like secure boot, ARM TrustZone/OP-TEE, and hardware-backed encryption.

System-level hardening

Toradex maintains Torizon OS, a secure, production-ready embedded Linux OS. Making sure that security features fit into the whole stack, and that configurations are secure-by-default for the most common and supported workflows is a key part of the job. Understanding how everything fits together is a must.

Vulnerability management

Monitor upstream CVEs, assess their impact on Toradex products and their likely impact on Toradex customers' products. Apply patches and mitigations. Help draft security advisories and write VEX documents. Work on and maintain internal tooling for vulnerability management.

Security testing and automation

Automate test coverage of security features. Familiarity with LAVA or other hardware-in-the-loop embedded testing methodologies and frameworks is a strong plus.

Note: You don’t necessarily need experience/expertise in all of these areas to apply, but some experience with at least two of these 4 areas would be a good indicator of fit.

Qualifications and Experience

Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, Cybersecurity, or equivalent experience

Advanced communication skills in English, written and spoken

Available to work Hybrid from Toradex Office in Campinas/SP.

3+ years of experience in embedded systems security or adjacent areas (e.g. Linux security engineering)

Solid C/C++ coding and debugging skills

Experience with automating security checks in CI/CD pipelines

Knowledge of threat modeling/risk modeling methodologies and how they relate to regulatory and standards compliance is a plus

Knowledge of security evaluation and analysis tools like fuzzers and static analysis tools is a plus

Hands-on experience with bootloaders (e.g., U-Boot), kernel security features, and embedded Linux distributions/build systems (Yocto/OpenEmbedded, buildroot, etc.) is a plus

What we offer

Apply for this role →

← Back to all crypto jobs