Firmware Security Engineer
Indexed description
We believe in the power of in-person collaboration and the benefits of a strong workplace community. Therefore, this role requires an onsite presence at either our South Burlington, VT or Cary, NC office. We highly encourage candidates who are able to relocate or comfortably commute to apply.
In this role, you'll be responsible for:
- Collaborating with the security team to identify and mitigate firmware vulnerabilities.
- Executing firmware development tasks focused on vulnerability mitigation.
- Partnering with the firmware development team to define precise BIOS specifications.
- Collaborating with external parties throughout the vulnerability management lifecycle.
- Validating the function of firmware and BIOS on hardware prototypes.
- Actively participating in the continuous improvement of the company's hardware and firmware development processes.
- Driving comprehensive vulnerability lifecycle management.
- Supporting product security initiatives and managing customer communications regarding related issues.
Learn more about Life at OnLogic: www.onlogic.com/life-at-onlogic
Requirements
- Bachelor's degree or higher in Computer Science, Cybersecurity, Software Engineering, or Electrical Engineering.
- 5+ years of firmware security management experience, preferably in the industrial PC industry working with BIOS/UEFIs.
- Proven expertise in embedded systems security, with a strong focus on threat modeling, risk assessment, and security implementation.
- Strong command of UEFI security standards (e.g., TPM 2.0, Secure Updates , Capsule updates, Secure/Trusted/Measured Boot, Intel BIOS/Boot Guard, Intel PTT, Intel TXT).
- Experience collaborating in a leadership capacity across multiple engineering disciplines, such as mechanical, electrical, firmware, and security.
- Hands-on experience in embedded firmware debugging using JTAG-based debuggers and logic analyzers.
- Deep understanding of the vulnerability lifecycle, including scanning, CVE management, and risk mitigation strategies.
- Ability to collaborate with teammates on the Cybersecurity, Component Engineering, and other engineering teams to implement secure and compliant development processes .
- Capability to contribute to the Firmware Security Development Lifecycle by supporting its development at various stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit.
- Strong background in software development, including proficiency in Python.
- Experience with version control systems (such as Git) and standard software development processes.
- Solid understanding of PC hardware architectures, BIOS, and Linux operating systems.
- Extensive experience with microcontrollers, including their core architecture and operation.
- Familiarity with common security standards and certifications (e.g., Common Criteria, MITRE, FIPS, ISO 27001:2022, IEC 62443).
- You understand the leadership muscles required to effectively guide and inspire teams.
- You are a clear communicator who can provide examples of setting expectations and holding teams accountable to outcomes.
- You have a demonstrated ability to build and develop a high-performing team.
- You are a creative problem solver with innovative ideas to support our shared future growth and success.
- You are a proactive self-starter with the ability to work in a fast-paced environment and think independently.
- You are an effective communicator who can deliver critical feedback constructively while collaborating cross-functionally.
- You are technically adept, embrace innovation and automation, and always approach your work with an eye toward continuous improvement.
Diversity is an essential element of our core values. Not just respecting, but actively embracing a variety of backgrounds, life experiences, and opinions, helps us foster innovation, enhances our problem-solving capabilities, and promotes learning and engagement among the members of our team. We strongly encourage those with diverse backgrounds to apply.
We are committed to providing a safe, inclusive, and harassment-free workplace for all employees. We do not tolerate any form of harassment, discrimination, or bias based on race, ethnicity, gender, sexual orientation, religion, disability, age, or any other protected characteristic.
To learn more about our values, our mission and what it's like to work at OnLogic, visit www.onlogic.com/careers.
Benefits
The salary range for this role is $100,000 to $120,000. We determine final compensation based on discussions with applicants and their experience in similar roles.
- A competitive salary based upon your experience and the requirements of the role
- A comprehensive benefits package
- 401k Plan with 3% Employer Contribution
- An Annual Profit Share Bonus
- Paid Maternity & Paternity Leave, and Short & Long Term Disability
- Opportunity to Participate in our Employee Stock Purchase Plan
- A personal development plan created to help you (and us) grow
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search