FW Security Architect

Job Description

Primary Roles: � Definition of Firmware and Product-level Security Requirements for NCCG products, working on multiple project families at the same time. � Translation of Product-level Security Requirements to the FW level and the creation of detailed FW documentation explaining them at the FW level. � Working with FW Engineering teams on estimates for the execution of features � Reviewing critical code paths and validation plans to ensure that sensitive features are implemented correctly � Providing training and education on security features, cryptography and Intel security requirements for development teams. Initiates the design, development, execution, and implementation of scientific research projects to fuel growth in secure computing, cryptographic algorithms, communication, memory, networking, intellectual property, and new business opportunities. Applies scientific research principles and concepts to potential inventions and products to define and architect secure design, development, and operation of Intel's hardware and software products and services. Ensures products conform to standards and specifications. Evaluates threat assessments, security components designs, and conducts vulnerability assessments. Identifies new vulnerabilities and gaps in existing security test automation and develops tools and processes to close the gap. Works with other security researchers to develop evolving ethical hacking skills and networking product knowledge. Maintains substantial knowledge of stateoftheart security principles, theories, and attacks and contributes to literature and conferences participating in intellectual property development. Develops security related project plans and cost estimates, assesses projects risks, and responds to customer/client requests or events as they occur. Researches technological trends, enables partnerships and collaboration among industry, academia, standards bodies, product, and other technical groups to address important technology and customer issues, and finds innovative solutions to difficult problems for midterm or longterm time frames. Influences external research, disseminates results, and raises the profile of conducted research through scientific publications, patents, talks, and Intel internal or external outreach efforts. Performs research to define boundaries and create proofofconcepts or prototype new ideas including test chips and competitive analysis versus industry trends. Works with engineering design teams to determine product requirements and the feasibility of new technology adoption and robustness of secure product design. Recommends features and influences future Intel product roadmap.

Qualifications

Qualifications: � The ability to read, understand and review complicated security-related FW code written in C. � An in-depth understanding of the mitigations available in embedded systems, including both RTOS and Linux environments, their advantages, disadvantages, and what they defend against. � Experience with the following in embedded systems: Secure Boot, Attestation Protocols, Secure FW Update, PKI Infrastructure, Applied Cryptography, Anti-rollback of FW and configuration. � The ability to understand the documentation of a wide variety of HW blocks, ranging from cryptographic accelerators to packet parsers. � Excellent English skills in both speech and writing, enabling work with a significant range of stakeholders. The ability to write coherent, clear, and implementable requirements � Understanding of the datacenter and edge threat landscape, with an emphasis on protections from physically present attackers. � At least 5 years of experience writing FW code in C or in low-level Linux driver development. � Familiarity with Linux security � Familiarity with RTOS environments and their limitations. Advantages: � Hands-on experience in writing code for ARM and or Xtensa CPUs under Zephyr and Linux. � Hands-on Security Research Experience as part of a Red Team, or hands-on experience as part of an organizational Blue Team, tasked with defense. � Experience in writing cryptographic implementations, such as part of a FIPS module or cryptographic library. � Experience with FIPS certifications. � Familiarity with ARM TrustZone and ARM SMMU constructs. � Experience working with AMBA/AXI, as well as at least one example of HW NoCs/Fabrics. � Familiarity with Manageability Protocols (MCTP, NCSI) and their transports. Requirements listed would be obtained through a combination of industry relevant job experience, internship experiences and or schoolwork/classes/research.

Inside this Business Group

The Network & Edge Group brings together our network connectivity and edge into a business unit chartered to drive technology end to end product leadership. It's leadership Ethernet, Switch, IPU, Photonics, Network and Edge portfolio is comprised of leadership products critically important to our customers.

Posting Statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, religious creed, sex, national origin, ancestry, age, physical or mental disability, medical condition, genetic information, military and veteran status, marital status, pregnancy, gender, gender expression, gender identity, sexual orientation, or any other characteristic protected by local law, regulation, or ordinance.

Benefits

We offer a total compensation package that ranks among the best in the industry. It consists of competitive pay, stock, bonuses, as well as, benefit programs which include health, retirement, and vacation. Find more information about all of our Amazing Benefits here.

Working Model

This role will be eligible for our hybrid work model which allows employees to split their time between working on-site at their assigned Intel site and off-site. In certain circumstances the work model may change to accommodate business needs.

JobType

Hybrid