Principal Embedded Security Engineer, Consumer Software
Bose
- Framingham, MA
- Permanent
- Full-time
- Design, implement and deploy embedded software security system for new products that include technologies like Bluetooth, Active Noise Reduction and mobile app interfaces.
- Security assessment, detecting and resolving security vulnerabilities and risks. Countermeasures, platform hardening techniques and system level security improvement.
- Research and prototyping on advanced security detection and protection methods. IP provisioning and protection techniques.
- Design modular software that is maintainable, scalable and reusable across Bose’s product line.
- Analyze complex technical problems and propose design of comprehensive solutions.
- Contribute to all phases of the product software lifecycle, including requirements analysis, design, implementation, automated test, release, support, and documentation. Drive end to end software delivery successfully on-time.
- Enhance processes and DevOps to improve quality and increase efficiency by focusing on continuous improvement.
- 10+ years of demonstrated experience in embedded software security development through the full lifecycle (requirements, design, development, test, deployment, operation).
- Threat modeling on embedded devices. Secure code review, analysis and vulnerabilities assessment, detection and mitigation.
- Security testing, e.g. fuzzing and pen-testing.
- Applied cryptography and security protocols including TLS, PKI, PKCS, etc.
- Binary analysis and exploit reverse engineering.
- OS security and hypervisor security.
- TZ/TEE. Android platform security. Access control, secure debug, memory analysis.
- IP security & provisioning.
- Demonstrated success leading high performing teams.
- Experience driving a test-driven development process on engineering teams.
- Strong troubleshooting and root cause analysis skills
- Has delivered firmware for at least one product successfully launched into mass production.
- Experience with C or C++ in a secured embedded system, including Linux and Android natives.
- Experience with complex embedded software in a resource limited RTOS based system, such as Qualcomm Hexagon, STMicro, AMLogic, Airoha, BES SoC systems.
- Experience with DRM a plus.
- Experience with common protocols such as I2C, I2S or SPI.
- Experience with Bluetooth or other wireless communication protocols is a plus.
- Experience with Audio processing a plus.
- Strong systems level thinker across hardware, software, user experience,
- BSEE/BSCS/BSCE (MS preferred) with at least 5-10 years related work experience.