Worker Sub-Type:
Regular

Job Description:

The Opportunity:

The BlackBerry QNX Product Security Operations team is expanding, and we're looking for a technically curious and detail-driven Cybersecurity Analyst to help protect industry-leading embedded and RTOS software used across automotive, industrial, medical, and other regulated domains. In this role, you'll work deep in the intersection of open-source security, embedded software, and customer-facing product security, helping ensure QNX products meet the highest security standards in the industry.

What you'll do

• Perform technical analysis of open-source vulnerabilities (CVEs) and assess their impact on embedded and RTOS-based products.
• Own incoming external vulnerability reports, triaging severity, analyzing risk, and clearly communicating findings and urgency to engineering and business stakeholders.
• Maintain and manage the product security catalog, assessing CVEs flagged by automated monitoring and intelligence systems.
• Review, analyze, and report on Software Composition Analysis (SCA) scan results.
• Act as a product security point-of-contact, supporting both internal teams and external customers with security inquiries.
• Produce clear, technically accurate vulnerability assessment reports for customers.
• Collaborate closely with software development teams and project managers to drive security incidents through investigation, remediation, and closure.
• Operate effectively in a cross-functional, fast-paced environment, balancing multiple issues and priorities.
• Identify opportunities to improve and automate security operations processes, tooling, and workflows.

What we're looking for

• Hands-on experience working in or closely with product security teams.
• Experience performing vulnerability analysis and assessments.
• A solid working knowledge of CVE, CWE, and CPE ecosystems, including how they are used in real-world product security contexts.
• Strong analytical skills with the ability to translate technical findings into clear, actionable insights.
• Experience with embedded or systems software using C, C++, and/or Python.
• Familiarity with secure software development in regulated or safety-critical environments.
• Basic understanding of industry standards such as:
• ASPICE
• ISO 26262
• ISO 21434
• UNECE WP.29 R155
• Strong written and verbal communication skills, especially when explaining technical security topics to varied audiences.
• A high level of initiative, persistence, and ownership-you take problems through to closure.
• Comfortable working independently and managing your own priorities without close supervision.

#LI-KH1

Scheduled Weekly Hours:
40

Compensation Hiring Base Salary Range:
$80,000.00 - $112,500.00

Please be advised that the compensation hiring range indicated herein is provided solely as a good-faith estimate of expected base compensation for the position. The actual compensation offered will be determined at the time of hire and is contingent upon multiple factors, including but not limited to the candidate's qualifications, relevant experience, demonstrated skills, and results of assessments conducted during the hiring process.

Bonus:
The BlackBerry Variable Incentive Pay (VIP) program is an organization-wide bonus incentive program which aims to reward full-time eligible employees for their contribution to BlackBerry's success. VIP payments are made in addition to base salary and factor in company's performance as a way for employees to share in BlackBerry's achievements.

Benefits:
The BlackBerry Employee Benefits programs offer a wide range of benefits that support your physical, financial and personal well-being. BlackBerry remains committed to offering affordable benefits including coverage for medical, dental, vision, life, disability insurance, retirement, employee share purchase program and paid-time-off to those that meet the eligibility requirements.

Disclosure of Position Status:
This is an active opening. We are seeking to fill this position immediately