Careers Form

" " indicates required fields

First name* 
Last name* 
This field is hidden when viewing the form
Max. file size: 256 MB.
Max. file size: 256 MB.
Untitled
Using your personal data 

We're committed to protect your privacy. C2A Security uses the information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Privacy Policy .

Office Administrator

Risk-driven BOM management identifying true risks, enabling precise prioritization, resource allocation, and cost-effective mitigation.

Take Control of your BOM in Every Stage of the Product Lifecycle

A dynamic landscape such as the automotive and mobility industries demands a dynamic solution that revolutionizes vulnerability management, across all software products, systems and components.
BOM Management in the Cyber Model or Corporate Context

Create direct BOM or ingest with 3rd-party sources. Automatically validate and manage the BOM in the context of internal teams and external suppliers as part of EVSec sharing and collaboration capabilities (track, approve and validate).

Automated BOM Validation

Leverage EVSec’s binary analysis and BOM scanning capabilities for automated BOM validation, including dependencies, licenses, and weakness analysis, ensuring coherence.

Prioritizing Risk Based on True Impact
Calculate exploitability and prioritize across projects based on risk information from the Cyber Model.
Automated Analysis of True Impact
Utilizing risk information and EVSec’s patented analytical approach to risk management to assess the true impact of a vulnerability, prioritize efforts, and optimize mitigation to save time and money.
Integration with DevOps Toolchain for Security and Operations by Design
Integrate with incident management systems like ServiceNow and Jenkins, utilizing CI/CD APIs for automated, timely updates and notifications. Connect to ticketing an requirement management systems for full traceability and optimization of feedback from operations to development.
Automating Reporting for Compliance
Generate Vulnerability Exploitability eXchange (VEX) and ISO/SAE 21434 compliance reports with every change to the model.

Unlocking Insights

The inherent bond between EVSec BOM & Vulnerability Management and the TARA Information Layer

Automated Vulnerability Detection for the Software Defined Product

Streamlined BOM Management

Effectively manage BOMs within the context of the project or corporate ensuring accurate and up-to-date information.

Risk-Driven Vulnerability Prioritization

Automate the connection between risk and other product security information layers, enabling accurate risk-based identification, prioritization, and mitigation of emerging vulnerabilities.

True Impact Analysis

Leverage the understanding of the model together with risk scores from multiple databases to determine the real impact on your model and product.

Ease of Compliance and Reporting to Regulators

Benefit from a comprehensive toolkit for optimized security posture, automated and dynamically updated work products, and customizable reports for regulators and internal company stakeholders.

Accelerated Project Delivery

Streamline software development through automation and efficient collaboration, enhancing overall efficiency, security and Operations by Design.

“The method of integration between the BOM information and the TARA is a unique differentiator of EVSec, something we haven’t seen with other vendors.” 

Product Security Architect
US Tier 1 Supplier

Learn More About Our DevSecOps Platform

Analysis

Ensures adhering to regulations and standards with automated TARA

BOM & Vulnerability Management

Automates risk management, identifies and mitigates the impact of vulnerabilities

Attacker

Speeds-up vulnerability detection by automating fuzz and pen testing

Network & Endpoint Protection

Secures the mobility ecosystem through real-time on-board protection

SOC Enrichment & Analytics

Bridge the gap between the SOC and the product with an integrated event and analysis management module

AutoSynth AI

Accelerates threat intelligence and risk management with AutoSynth infrastructure layer

Follow Us

Join our newsletter
Facebook-f Linkedin

Speaker Profile

Geoffrey Mann

Senior Physical Threat Analyst

Health-ISAC

Speaker Profile

John Auld

CRO

C2A Security

John Auld serves as Chief Revenue Officer at C2A Security, where he leads the company’s expansion into healthcare following the strategic acquisition of Vigilant Ops. With 20 years of experience bringing together complementary technologies across regulated industries, John specializes in helping manufacturers turn cybersecurity from a compliance burden into a competitive advantage. A mechanical engineer by training with deep expertise in product lifecycle management, John champions Dynamic Risk Management as the bridge between component visibility and actionable intelligence. His mission: enable medical device manufacturers to innovate safely without sacrificing speed or patient safety.

Speaker Profile

Ken Zalevsky

VP and GM, Medical Technology

C2A Security

Ken Zalevsky brings over 20 years of medical device cybersecurity experience to his role at C2A Security, where he serves as VP and GM, Medical Technology, following the acquisition of Vigilant Ops in October 2025. A former Bayer executive, Ken founded Vigilant Ops in 2019 after witnessing the consequences of inadequate technical preparation in the healthcare industry. He is an active contributor to CISA’s SBOM working groups and a frequent speaker on software supply chain security. Ken’s mission: transform SBOM from a compliance checkbox into operational intelligence that keeps patients safe while streamlining regulatory processes.