Payment Assurance - Ottawa, Canada - Intertek

Intertek

Verified Company

Ottawa, Canada

2 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

PA Device Security Evaluator is involved with cybersecurity evaluations of payment devices to various Payment Card Industry (PCI) requirements including:

PIN Transaction Security (PTS) Point of Interaction (POI)
PIN Transaction Security (PTS) Hardware Security Module (HSM)
Softwarebased PIN Entry on COTS (SPoC)
Contactless Payments on COTS (CPoC)
Mobile Payments on COTS (MPoC)

Evaluations can include the following types of assessments:

Physical device security
Tamper detection mechanisms (e.g., the electrical/electronic components)
Sidechannel analysis
Secure boot
Cryptographic key management
Sourcecode review
Firmware/OS hardening
Secure software development lifecycle
Malformed input (i.e., fuzzing)
Vulnerability assessment and penetration testing
Reverse engineering
Policy, process, and procedure review

Device security analysis and assessments can require the use or knowledge of:

Standard hand tools
Drilling and rotary tools
Soldering
Heat and solvents
Electronic circuits
PCB design
File formats
Communication protocols
Secure coding and common weaknesses

The work is being done on client devices and as such, communicating the results of testing is necessary and done through technical reports.

In order to produce high quality reports, the following is needed:

Attention to detail including consistency and completeness
Ability to communicate effectively in English
Good use of figures, images, and tables
Effective use of the Office suite (Word and Excel in particular)
Communicating and working effectively within a small team
Communicating with clients
Being able to work in a shared lab environment
Being able to work independently
Being able to identify and understand limitations in tests
Being able to come up with new test plans or improvements on existing test plans

For this position, work is mainly in the office with potential for on-site client visits.

In addition to the assessment work, there will be opportunities to develop and deliver training and consulting to clients, which could be done virtually or on-site.

While the position is for the Payment Assurance area of the company, work in other related areas of the company (e.g., IoT security) may be assigned as needed.

Intertek believes that Our People are our strongest tool for success.

We are an Equal Opportunity Employer and do not discriminate against applicants due to veteran status or on the basis of disability.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, or gender identity

This position outline is a general guideline and does not represent all encompassing details.

The position assumes that the incumbent has both the mental and physical requirements to carry out the above defined duties.