System Security Engineer
Company: Idaho Scientific
Location: Salt Lake City
Posted on: May 8, 2024
Job Description:
Senior Systems Security Engineer - Life is Short. Solve Hard
Problems with Cool People. - Idaho Scientific is the Goldilocks of
the spirit and growth of a startup, with a financial footing and
safety of a stable corporation. The perks of working at Idaho
Scientific include all the benefits you'd expect from an employer
who prioritizes a balanced human experience: -
- Competitive Pay -
- Flexible Work Schedule - -
- Health Benefits and Insurance - -
- Retirement fund contributions -
- Profit Sharing -
- Generous Paid Time Off Policy - Solve the Problem, Not the
Symptom. - Idaho Scientific designs and deploys secure system
solutions through novel CPU design, crypto cores, purpose-built
system-on-a-chip architectures and hardened operating systems. -
Our solutions are the foundation for how military systems will
remain safe and secure in the conflicts of the future. - We need
smart people like you to join us in solving hard problems that
matter. - Position Description. - A Senior System Security Engineer
(SSE) is a, industry-recognized, subject matter expert on the
topics of anti-tamper, cyber security, and supply chain trust. A
successful candidate will possess implementation level details of
vulnerabilities and their countermeasures across a wide range of
system types including microcontrollers, FPGA based system-on-chip
(SoC) system, and workstation grade single board computers. Idaho
Scientific is equally interested in physical and virtual threat
vectors. - - Example Physical threats: -
- Side Channel Analysis against crypto systems -
- Glitching and fault injection -
- Invasive and non-invasive chip and circuit card level failure
analysis techniques -
- JTAG and in-circuit debug -
- Direct Memory access and bus protocol exploitation - Example
Virtual threats: -
- Software exploitation -
- Firmware Exploitation -
- Root Kits and Boot Kits -
- Protocol exploitation -
- Cryptanalysis -
- CPU Side Channel Analysis -
- Rowhammer - The primary responsibility of this candidate is to
individually contribute to the vulnerability analysis and
countermeasure selection/design for subsystem and component
(circuit card or device level) elements within U.S. weapon systems.
- What You'll Get to Do: -
- Individual Contributions -
- Evaluate proposed or existing system architectures for reverse
engineering and cyber exploitation vulnerabilities -
- Document vulnerabilities in white papers and attack
countermeasure analysis -
- Recommend architectural changes to reduce system
vulnerabilities -
- Architect system level security design and requirements to
address the vulnerabilities enumerated within U.S. weapon systems.
-
- Document system design and requirements within a program
protection plan and anti-tamper plan -
- Develop Crypto and Key management plans -
- Prepare for, attend, and brief and customer and government
design review meetings -
- Participate in all aspects of the product design life cycle
including system architecture, design, development, and
verification -
- Distill complex technical concepts into clear and concise
writing to support proposals for new opportunities -
- Contribute to new product ideas and proposals -
- Advising, mentoring, and training -
- Stay current with threat, vulnerabilities, countermeasure,
hardware and software architecture - -
- Advise and train customers on system vulnerabilities and
countermeasures enabling them to design and requirements to secure
their architectures -
- Advise customers on security and design principles, best
practices, and system security engineering processes and approvals
-
- Participate in industry working groups and provide security
recommendations to relevant government and commercial standards,
policies, and procedures -
- Participate in development and delivery of internal and
external training efforts - Required Qualifications & Experience -
- US Citizenship -
- Ability to get a security clearance -
- More than five (5) years of proven past performance in embedded
systems security design; preference given to candidates who have
experience with US Department of Defense (DoD) embedded systems
security - -
- Advanced knowledge of crypto algorithms, when and how to use
each algorithm, vulnerabilities of each algorithm and
vulnerabilities inherent to an implementation of each algorithm
-
- Advanced knowledge of attacks and vulnerabilities against
hardware and software, as well as an understanding of balancing
solutions with acceptable residual vulnerabilities -
- Advanced understanding of computer hardware and software
architectures, including being able to clearly articulate how a CPU
works, how a FPGA works, how Operating Systems work and how user
space application runtime environments work -
- Experience with key generation and key management solutions
-
- Familiarity with latest research in secure boot services and
why additional research is needed -
- Degree in Cryptography, Computer Engineering, Computer Science,
Electrical Engineering, Mathematics or related field -
- Ability to clearly capture complex technical concepts in
writing for both technical and general audiences -
- Strong analytical and problem-solving skills -
- Must be highly creative and have experience interfacing
directly with external customers - Preferred Qualifications &
Experience -
- Active US Security Clearance -
- Working knowledge of applied cryptography -
- Experience applying principles of cyber security to operational
technology and embedded systems -
- Experience reverse engineering hardware and software -
- Experience developing program protection plans for US weapons
systems -
- Experience with software assurance, system integrity, trust
strategies, supply chain exploitation methods and countermeasures
and/or general vulnerability analysis -
- Experience with CPU design, preferably Intel x86 -
- Knowledge of Operating System architecture and design, Linux
preferred -
- Location -
- The preferred work location is at Idaho Scientific headquarters
in Salt Lake City, Utah. Commitment to Diversity. - Idaho
Scientific is an equal employment opportunity employer. Qualified
applicants will not be discriminated against due to race, color,
creed, sex, sexual orientation, gender identity or expression, age,
religion, national origin, citizenship status, disability,
ancestry, marital status, veteran status, medical condition
including pregnancy, or any protected category prohibited by local,
state or federal laws.
Keywords: Idaho Scientific, Murray , System Security Engineer, Other , Salt Lake City, Utah
Didn't find what you're looking for? Search again!
Loading more jobs...