seeks Hardware Security Engineer

[…]AWS Security is looking for an experienced Senior Security Engineer, specializing in hardware technologies[…]
— IoT network technologies (Z-Wave, Zigbee, Bluetooth/BLE, WLAN, identity/auth security)
— Hardware security (PCB, JTAG, UART, SPI, ROM, microcode, custom ASIC/FPGA)
— x86 and/or ARM chipset and firmware security (TPM, UEFI, TrustZone, secure boot)
— Local encryption and key management (LUKS, BitLocker, self-encrypting drives, etc)
— PKI and code signing architecture (X.509, EV SSL, certificate pinning, OCSP, CRL, etc)
— hardware cryptography (certificates, attestation, TPM/HSM)
— embedded/IoT solution design and security considerations

Facebook seeks Silicon Security Architect

Facebook Reality Labs, or FRL, focuses on delivering Facebook’s vision through Augmented Reality (AR). Compute power requirements of Augmented Reality require custom silicon. Facebook Silicon team is driving the state of the art forward with breakthrough work in computer vision, machine learning, mixed reality, graphics, displays, sensors, and new ways to map the human body. Our chips will enable AR devices where our real and virtual world will mix and match throughout the day. We believe the only way to achieve our goals is to look at the entire stack, from transistor, through architecture, to firmware, and algorithms. We are looking for a Security Architect who will work with a world-class group of researchers and engineers.[…]
* Drive a silicon security architecture that includes functions from secure boot, to encryption, to protection to device authentication.

Dell seeks Vulnerability Researcher

The Dell Security & Resiliency organization manages the security risk across all aspects of Dell’s business.

Responsible for discovering and exploiting vulnerabilities affecting Dell software and firmware

Developing and maintaining tools to assist in vulnerability research and exploit development

5+ years direct or equivalent experience in areas of vulnerability research, exploit development, reverse engineering and fuzzing

Required skills of a nation-state attacker/defender

I occasionally post interesting job postings from security firms or device makers. I usually avoid all of the US military-focused jobs, things that require secret clearance, etc. But there’s a LOT of military postings, a LOT more than the from the device makers and civilian security firms. Below are a few excerpts from a job posting from a US DOD contractor job description, if you’ve any doubt that firmware-level attacks are a thing or not, and what attack skills and tools are being considered, below job posting is fairly verbose. I really wish I knew how to track similar jobs from all governments, not just from US-based job sites, that would be fascinating to compare different state actors in this way.

OEMs: look at how governments are attacking your hardware, it isn’t just hobbyist hackers having fun on Twitter. Please make more secure hardware.

Excerpt from:

Senior Hardware Exploitation Engineer

Overseeing the reverse-engineering, failure analysis, and vulnerability analysis of hardware to identify exploitation opportunities

Leading the modification of hardware to either enable forensic analysis of the media or to change the functionality of the hardware for other purposes.

Managing a microelectronics exploitation laboratory, consisting of state-of-the-art tools for inspection, imaging; decapsulation, deprocessing, and other activities related to hardware-reverse engineering and exploitation

Directing the enhancement and maintenance of frameworks, processes, design patterns, techniques, tools, and standards for conducting hardware exploitation of digital media

Performing full-scope forensic examinations from the hardware aspect of media.

Employing reverse-engineering tools and methods to determine vulnerabilities of the device for technical exploitation purposes.

Determining how a device boots/initializes, and obtaining a binary that can be used for reverse engineering.

Leading teams and participating in the analysis of embedded platform firmware and operating systems to understand security vulnerabilities associated with various platform communication links

Leveraging knowledge gained through the reverse-engineering and other research techniques to enhance low-level C and assembly applications for embedded ARM platforms that interface directly with platform hardware

Reverse-engineering skills on embedded systems with proprietary operating systems for the express purpose of introducing functionally to an already existing fielded system.

Experience examining a hardware platform to understand the software and hardware interaction of embedded systems.

Experience with embedded system design, communication with peripheral devices at the hardware level, and reverse-engineering of system software.

Experience in Microprocessors/Architectures: ARM, MlPS, RISC, PowerPC, XScale, StrongARM, x86. Familiarity with microprocessor instruction sets is highly-desired.

Experience with the following Operating Systems: VxWorks, Integrity, Embedded Linux, JunOS, Linux, Unix, Windows Embedded. Experience with RTOS is highly-desired.

Experience using the following Hardware Tools and Debuggers: Green Hills Probe, SuperTrace Probe, Slingshot, spectrum analyzer, logic analyzer, JTAG, Agilent Technologies equipment.

Diverse Lynx: seeks PenTester to use CHIPSEC [against Lenovo?]

Lenovo working throug an external pentest firm? Wish I saw more OEMs asking for appropriate job skills.

If you’re thinking about applying, look at some of the reviews for this consulting firm before doing so. Maybe look if Lenovo has a direct position open as well.

Diverse Lynx: Penetration tester
[…]It is also firmware analysis which according to Lenovo is analyzing anything that may be on disk. […] Chipsec needs to be used for this assessment. It’s for UEFI attacks, but it’s fairly automated.[…]


Intel Platform Armoring and Resiliency group seeking senior security researcher

The Platform Armoring and Resiliency SSG/STO/PSI/PAR organization is looking for a senior security researcher. The ideal candidate will be responsible for secure design, development and operation of Intel’s hardware and software products and services. […]

I wonder, is this to fill John’s recently-vacated position? 🙂



HPE seeks senior UEFI developer

Senior UEFI Development Engineer
Job ID 1023806

Strong knowledge in UEFI security or firmware security in general.
Strong knowledge in TPM, Secure Boot, TXT, and RSA.
Knowledge of industry standard technologies including ACPI, USB, SMBIOS, IPMI, Redfish, and PCI express.
8+ years’ experience in firmware or BIOS/UEFI development.
In-depth knowledge of UEFI architecture and development (focused on the EDK2 development environment).

Intel seeks BIOS/UEFI Tools Developer

BIOS-UEFI Firmware Tools Engineer

As BIOS-UEFI Firmware Tools Engineer you will develop tools and scripts needed for build and test automation infrastructure that is the backbone of the the Continuous Integration process in Intel’s Data Center UEFI firmware BIOS team.[…]

PS: I need to figure out a way to get some swag/etc from jobs that’re filled via this blog. ;-(

PS: Intel HR: spaces in URLs is generally frowned upon.


Amazon [Snowball] seeks Senior Hardware Security Engineer

Sr. Hardware Security Engineer

AWS Security is looking for an experienced Senior Security Engineer, specializing in hardware technologies, to help ensure AWS services are designed and implemented to the highest possible security standards. You will be responsible for supporting AWS service teams in the secure design of services, including customer-facing services with hardware components such as AWS Snowball. As the primary technical and strategic advocate for a variety of AWS-wide security initiatives, you will help internal and external partners to design from the beginning with security in mind.This is not an entry-level position, and a confident understanding of hardware/firmware security and the ability to collaborate with other leaders across the industry are essential to success in this role.
* Demonstrate *exceptional* judgment, integrity, business acumen, and communication skills
* Minimum 4 years of experience with two or more of the following categories:
— IoT network technologies (Z-Wave, Zigbee, Bluetooth/BLE, WLAN, identity/auth security)
— Hardware security (PCB, JTAG, UART, SPI, ROM, microcode, custom ASIC/FPGA)
— x86 and/or ARM chipset and firmware security (TPM, UEFI, TrustZone, secure boot)
— Local encryption and key management (LUKS, BitLocker, self-encrypting drives, etc)
— PKI and code signing architecture (X.509, EV SSL, certificate pinning, OCSP, CRL, etc)


AWS Snowball:

Microsoft Azure team seeks senior security firmware engineer

“2 years using Secure Boot” 🙂

Senior Security Firmware Engineer-CSI/Azure-Cloud Server Infrastructure

The Cloud Server Infrastructure Firmware Development (CSI-FW) team is responsible for server hardware definition, design and development of Server and Rack Infrastructure engineering for Microsoft’s online services. […] This role is for a highly motivated Senior Firmware Engineer with a background in embedded systems and security technologies. […] We are looking for someone with strong systems background and passion for security and Real Time OS internals. The successful candidate should have experience with some of the following: Real Time Operating Systems, Embedded Systems, Secure boot technologies and strong C development.

* 2+ years using or implementing Secure boot, and Protocol Security using I2C, SPI, USB or UART buses


Intel seeks senior security researcher

Job ID: JR0037962
Job Type: Senior Security Researcher

Intel Security Center of Excellence’s goal is to be a prominent leader in the industry to assure security in computing platforms by conducting advanced security research. If you are a seasoned threat, vulnerability and exploit research expert who craves for tons of fun and pride in raising the security bar for ubiquitous computing systems, we would like you to join us as a proud member of Intel’s Advanced Security Research Team. Through your deep vulnerability analysis and mitigation development expertise, you will influence the security of a variety of Hardware, Firmware, Software & Systems spanning a range of products including Devices, Cloud, Auto, IOT, AI, VR, Drones, and Networks.

* Knowledge of computer architecture CPU, SoC, chipsets, BIOS, Firmware, Drivers, and others


Spaces in URLs!

Apple seeks Junior UEFI Security Engineer


S3EuroCom seeks firmware security PhD students

Engineer position(s) in firmware analysis
We are looking for a research and software development engineer with experience and interest in software development (python, C…) applied to embedded device firmware analysis. In particular, the project will involve working with Avatar2 and/or Angr. The work will take place at EURECOM and will involve some external collaboration. The candidate is expected to have experience in software development and experience, interest in, or willingness to learn, embedded devices analysis, firmware analysis, reverse engineering. This position is flexible, it may be suitable for a Post doc as well as for a freshly graduated master student. If the collaboration is successful, the position may also be changed to a PhD after one year.


Resolvit seeks CHIPSEC-savvy Pentester

It is still rare enough to see “CHIPSEC” in a job posting, that I still point them out.

Given job posting is a pentest role, this is also a ‘leading indicator’ that pentesters are starting to attack your firmware. 🙂

Penetration Tester – Product
Join Resolvit as a Penetration Tester and be part of a creative, forward-thinking team. Our success at deploying skilled, highly knowledgeable experts has landed us on the Inc. 5000 list of America’s fastest-growing companies four times – and we’re just getting started. As the Penetration Tester, you will configure security test targets such as servers, storage, and networking environments; perform product security assessments; create assessment reports; and work with global product teams to review assessment results.[…]
Experience with multiple of these security assessment tools: AppAudit, Arachni, Burp Suite Pro, CHIPSEC, nmap, Nessus, Protecode SC, and Metasploit

Amazon Hardware Security team seeks senior TPM

The AWS Hardware Infrastructure Security Team is looking for an experienced, Senior Security Program Manager to help ensure the global infrastructure supporting AWS is designed and implemented to the highest possible security standards.
* Minimum of 6 years of experience with two or more of the following categories:
— Data center internals (leaf/spine networking, power/cooling, NTP, DHCP, DNS, IPMI/iLO)
— Hardware security technologies (TPM, TrustZone, Secure Boot, UEFI, HSM, ROM, etc)
* Intermediate knowledge of crypto security (e.g. certificate handling, attestation, TPM/HSM)
* Intermediate knowledge of Windows, Linux, and hypervisor security (especially in cloud)
* Intermediate knowledge of common security protocols (e.g. RDP, TLS, SNMP, SSH, IPMI)

Apple seeks UEFI firmware engineer

Mac Firmware Engineer

The Mac Platform Software team is looking for a firmware engineer to join a new Austin-based team responsible for developing Apple’s UEFI implementation and related technologies for the Mac product line. Mac Platform Software is responsible for bringing up macOS and Windows on all new Mac products, including the development and integration of firmware and systems software for macOS and Windows, the development of platform-level features for the Mac, and the leadership of cross-functional debug and optimization efforts across hardware and software teams. A Mac Firmware Engineer is responsible for the development of Apple’s UEFI implementation and its related technologies. UEFI provides the boot firmware for all Mac systems and plays a critical role in system stability, performance, and battery life. This role also contributes to development of the boot loader and firmware update mechanisms, as well as other related technologies. Primary job responsibilities include firmware feature development supporting new Mac software and hardware features, supporting ongoing efforts to improve the quality of shipped Macs in the field, and assisting the larger Mac Platform organization in cross-functional efforts to design and build new Mac products.
* Experience in firmware/BIOS development
* Experience with boot loaders and firmware/kernel interfaces
* Knowledge of UEFI and the x86 platform and standards, including ACPI, SMM, PnP, PCIe, and JEDEC DDR a plus
* Strong understanding of system power management a plus