About the role
Worker Sub-Type: Regular
Job Description: QNX® is a trusted supplier of safe and secure operating systems, hypervisors, frameworks and development tools, and provides expert support and services for building the world’s most critical embedded systems. We are the embedded experts. QNX was born in embedded, and provides time-tested and trusted foundation software, including our deterministic microkernel real-time operating system (RTOS), safety-certified products, middleware and security solutions, all purpose-built for embedded systems.
QNX software is trusted by more than 68% of the Electric Vehicle market by volume, 24 of the top 25 EV manufacturers and is running in more than 255 million vehicles globally. Our foundation products have been pre-certified to ISO 26262 ASIL D and we offer a broad range of board support packages, professional services, AUTOSAR adaptive support and middleware solutions – from acoustic management, to digital cockpits to advanced driving assistance (ADAS) - to accelerate development and help OEMs meet Start of Production (SOP) dates. Our customers count on us to convert awesome ideas into great products and services.
Are you the person we are looking for?
QNX has been a leading provider of operating systems in the embedded systems marketplace for over 30 years. Our products are used extensively in a wide range of systems: high-speed trains, in-vehicle infotainment, medical devices, advanced vision systems, and more. The QNX product Security Operations team is growing. We’re looking for talented individuals with an interest in cybersecurity and advanced embedded technology.
Job Duties
- Analyze vulnerabilities and write assessments for them..
- Maintain product catalog for the purpose of continual vulnerability monitoring..
- Work with fuzz testing infrastructure and expand fuzz testing product coverage..
- Undertake research projects, in-depth vulnerability analysis and creation of vulnerability proof-of-concepts..
- Provide product security support to internal and external stakeholders.
- Run SCA scans on software deliverables and write summary vulnerability reports..
- Work with development teams, and project managers to help bring security incidents to a conclusion..
- Review documents (release notes, requirements, designs, test plans & reports) from a Cybersecurity point of view..
- Support security communications by contributing to advisories.
- Automating things - process activities, fuzz testing, scanning and reporting, etc.
Preferred Qualifications
- C/C++ and Python.
- Hands-on experience working with embedded operating systems, including configuration, development and debugging..
- Knowledge of CVE, CWE and CPEs.
- Experience assessing and reporting on vulnerabilities.
Assets
- Excellent communication skills.
- Experience working on Ubuntu/Linux platforms.
- Must be able to work without supervision.
- Experience with fuzz testing tools and methodologies.
- Experience building and maintaining automated pipelines with Jenkins..
- Demonstrated ability to adapt to evolving technologies with a mindset and a desire to expand knowledge and skills..
Scheduled Weekly Hours: 40
About QNX
QNX, a division of BlackBerry Limited, enhances the human experience and amplifies technology-driven industries, providing a trusted foundation for software-defined businesses to thrive. QNX leads the way in delivering safe and secure operating systems, hypervisors, middleware, solutions, and development tools, along with support and services delivered by trusted embedded software experts. QNX technology has been deployed in the world’s most critical embedded systems, including more than 255 million vehicles on the road today. QNX software is trusted across industries including automotive, medical devices, industrial controls, robotics, commercial vehicles, and more. Learn more at qnx.com.
About the role
Worker Sub-Type: Regular
Job Description: QNX® is a trusted supplier of safe and secure operating systems, hypervisors, frameworks and development tools, and provides expert support and services for building the world’s most critical embedded systems. We are the embedded experts. QNX was born in embedded, and provides time-tested and trusted foundation software, including our deterministic microkernel real-time operating system (RTOS), safety-certified products, middleware and security solutions, all purpose-built for embedded systems.
QNX software is trusted by more than 68% of the Electric Vehicle market by volume, 24 of the top 25 EV manufacturers and is running in more than 255 million vehicles globally. Our foundation products have been pre-certified to ISO 26262 ASIL D and we offer a broad range of board support packages, professional services, AUTOSAR adaptive support and middleware solutions – from acoustic management, to digital cockpits to advanced driving assistance (ADAS) - to accelerate development and help OEMs meet Start of Production (SOP) dates. Our customers count on us to convert awesome ideas into great products and services.
Are you the person we are looking for?
QNX has been a leading provider of operating systems in the embedded systems marketplace for over 30 years. Our products are used extensively in a wide range of systems: high-speed trains, in-vehicle infotainment, medical devices, advanced vision systems, and more. The QNX product Security Operations team is growing. We’re looking for talented individuals with an interest in cybersecurity and advanced embedded technology.
Job Duties
- Analyze vulnerabilities and write assessments for them..
- Maintain product catalog for the purpose of continual vulnerability monitoring..
- Work with fuzz testing infrastructure and expand fuzz testing product coverage..
- Undertake research projects, in-depth vulnerability analysis and creation of vulnerability proof-of-concepts..
- Provide product security support to internal and external stakeholders.
- Run SCA scans on software deliverables and write summary vulnerability reports..
- Work with development teams, and project managers to help bring security incidents to a conclusion..
- Review documents (release notes, requirements, designs, test plans & reports) from a Cybersecurity point of view..
- Support security communications by contributing to advisories.
- Automating things - process activities, fuzz testing, scanning and reporting, etc.
Preferred Qualifications
- C/C++ and Python.
- Hands-on experience working with embedded operating systems, including configuration, development and debugging..
- Knowledge of CVE, CWE and CPEs.
- Experience assessing and reporting on vulnerabilities.
Assets
- Excellent communication skills.
- Experience working on Ubuntu/Linux platforms.
- Must be able to work without supervision.
- Experience with fuzz testing tools and methodologies.
- Experience building and maintaining automated pipelines with Jenkins..
- Demonstrated ability to adapt to evolving technologies with a mindset and a desire to expand knowledge and skills..
Scheduled Weekly Hours: 40
About QNX
QNX, a division of BlackBerry Limited, enhances the human experience and amplifies technology-driven industries, providing a trusted foundation for software-defined businesses to thrive. QNX leads the way in delivering safe and secure operating systems, hypervisors, middleware, solutions, and development tools, along with support and services delivered by trusted embedded software experts. QNX technology has been deployed in the world’s most critical embedded systems, including more than 255 million vehicles on the road today. QNX software is trusted across industries including automotive, medical devices, industrial controls, robotics, commercial vehicles, and more. Learn more at qnx.com.