Firmware Security Engineer

Advanced Micro Devices

  • Austin, TX
  • Permanent
  • Full-time
  • 1 month ago
Job Description:WHAT YOU DO AT AMD CHANGES EVERYTHINGWe care deeply about transforming lives with AMD technology to enrich our industry, our communities, and the world. Our mission is to build great products that accelerate next-generation computing experiences – the building blocks for the data center, artificial intelligence, PCs, gaming and embedded. Underpinning our mission is the AMD culture. We push the limits of innovation to solve the world’s most important challenges. We strive for execution excellence while being direct, humble, collaborative, and inclusive of diverse perspectives.AMD together we advance_THE ROLE:AMD's Data Center Platform Engineering Group {DPEG} is designing, building and delivering innovative technology infrastructure enabling the digital world. We create cloud-enabling server solutions that help the world’s leading companies turn their ideas into reality. Our customers are future-focused and so are we, always a step ahead of the next challenge. As experts in engineering, manufacturing, and supply chain, we’re the bridge between problem and solution for the world’s leading cloud and telecom providers. Our customers depend on us to solve their most complex server design needs. Come and join our Data Center Platform Engineering Group where we are building amazing, powered products with amazing people.THE PERSON:As a team member in Security Firmware Engineer, you will drive balanced, scalable, and industry standard security solutions. In this high visibility position, your firmware engineering expertise will be necessary towards product development, definition, and root cause resolution of the top vulnerabilities in the software products.KEY RESPONSIBILITIES:
  • Implement and design of secure embedded firmware solutions, ensuring robust protection against vulnerabilities and threats.
  • Develop and implement security microarchitectures, leveraging advanced cryptographic techniques and protocols.
  • Collaborate with cross-functional teams to integrate security features into embedded systems, ensuring compliance with industry standards and best practices.
  • Conduct thorough security assessments and threat modeling to identify and mitigate potential vulnerabilities in firmware designs.
  • Stay abreast of emerging security technologies and trends and evaluate their applicability to our products and solutions.
  • Drive the adoption of secure coding practices and tools, including static and dynamic code analysis, to enhance the security posture of our firmware.
  • Work closely with hardware teams to interpret board schematics and data sheets, ensuring seamless integration of security features.
  • Lead initiatives to enhance systems management and security in data center environments, focusing on server components and management protocols.
  • Implementation of Secure Boot, SPDM, Root of Trust, TCG DICE, and NIST 800-193 standards across our product lines.
  • Collaborate with industry partners and stakeholders to advance security features in Baseboard Management Controllers (BMC) and associated protocols.
  • Experience with OCP S.A.F.E. audits is preferred.
PREFERRED QUALIFICATIONS:
  • 5+ years of experience in BMC development including developing industry standard security practices, secure architecture and tools
  • Extensive experience in embedded firmware development, with a focus on security and cryptography.
  • Deep knowledge of embedded protocols such as I2C, I3C, SPI, USB, PCIe, and others.
  • Proven experience in both bare metal and OS-based embedded firmware development, including RTOS, embedded Linux, and Uboot.
  • Strong expertise in security microarchitecture and design, with a focus on cryptographic algorithms and protocols (CIA, Certificates, PKI, SHA, ECC, HMAC, AES).
  • Demonstrated ability to identify and address security vulnerabilities in embedded systems.
  • Familiarity with industry-standard static and dynamic code analysis tools such as Coverity or equivalent.
  • Knowledge of code composition tools such as Black duck or equivalent is plus.
  • Ability to read and interpret complex board schematics and data sheets.
  • Experience with systems management in data center environments, including server components and management protocols.
  • Familiarity with Secure Boot, SPDM, Root of Trust, TCG DICE, and NIST 800-193 standards.
  • Experience with Baseboard Management Controllers (BMC), Redfish, PLDM, Yocto, and OpenBMC software stack.
  • Self-starter with the ability to work with minimal guidance and drive projects to completion.
ACADEMIC CREDENTIALS:Bachelor's or Master’s degree in Electrical Engineering, Computer Science, Computer Engineering, or related technical disciplineLOCATION:Austin, TX#LI-BW1Benefits offered are described: .AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective laws throughout all stages of the recruitment and selection process.

Advanced Micro Devices