• Design, build, and harden software that protects our products, platforms, and customers. • Enhancing current security features and implementing new security features for the Telit Cinterion deviceWISE family of products. • Performs coding, debugging, testing, and troubleshooting on a variety of operating systems and gateways • Develop solutions for a variety of Windows and Linux operating system environments • Organizes and schedules their work and determines the best approach to solve a range of highly complex technical problems • Participates in architecture, design, code reviews and unit testing • Mentors other engineers • Works independently and collaborates well with others • Follows and improves our design, verification, build, and release processes • Embeds security controls (auth N/Z, key management, secrets handling, secure logging, input validation, least privilege) into microservices, APIs, and device/edge components. • Performs and/or remediates threat modeling, static/dynamic analysis (SAST/DAST), dependency scanning (SCA), container image scanning, and IaC checks as part of CI/CD. • Develops security tooling, libraries, and SDKs to standardize secure patterns for development teams. • Partners with other product and platform development teams to design and implement encryption-in-transit/at-rest, certificate rotation, secure boot, code signing, and OTA update hardening. • Collaborates with cloud/edge and OT/IoT engineers to harden interfaces to logic controllers, PLCs, gateways, and sensors • Works to segment networks and secure protocols (e.g., MQTT, OPC UA, Modbus/TCP where applicable). • Reviews designs and code for security vulnerabilities; conduct pen-test remediation and coordinate fixes to meet release timelines. • Contributes to secure coding guidelines, developer training, and security champions programs. • Instruments runtime monitoring and develop detections to surface misuse, anomalous behavior, and policy violations. • Documents design, security controls, and residual risks to support audits and customer questionnaires. • Focuses on security and compliance in the context of operations and enterprise technology to fully address and comply with global regulatory compliance (ISA-99, IEC-62443, NIST SP 800-82), the Cybersecurity Resiliency Act (CRA), and integration, certification, and deployment of FIPS 140-3.