Firmware Security Engineer
OnLogic · South Burlington, VT · 2 wk ago
On-siteEngineering$100k–$120k/yrFull-time
About the role
As a Firmware Security Engineer at OnLogic, you will be a vital part of a team dedicated to developing and protecting cutting-edge industrial computing products. You will lead vulnerability management and firmware/software coding tasks for various UEFI/BIOS, BMC, and microcontroller (MCU) applications across our product line, including motherboards and expansion cards. Additionally, you will collaborate with external partners performing BIOS customization for our motherboards.
Responsibilities
- Collaborating with the security team to identify and mitigate firmware vulnerabilities.
- Executing firmware development tasks focused on vulnerability mitigation.
- Partnering with the firmware development team to define precise BIOS specifications.
- Collaborating with external parties throughout the vulnerability management lifecycle.
- Validating the function of firmware and BIOS on hardware prototypes.
- Actively participating in the continuous improvement of the company's hardware and firmware development processes.
- Driving comprehensive vulnerability lifecycle management.
- Supporting product security initiatives and managing customer communications regarding related issues.
Requirements
- Bachelor's degree or higher in Computer Science, Cybersecurity, Software Engineering, or Electrical Engineering.
- 5+ years of firmware security management experience, preferably in the industrial PC industry working with BIOS/UEFIs.
- Proven expertise in embedded systems security, with a strong focus on threat modeling, risk assessment, and security implementation.
- Strong command of UEFI security standards (e.g., TPM 2.0, Secure Updates , Capsule updates, Secure/Trusted/Measured Boot, Intel BIOS/Boot Guard, Intel PTT, Intel TXT).
- Experience collaborating in a leadership capacity across multiple engineering disciplines, such as mechanical, electrical, firmware, and security.
- Hands-on experience in embedded firmware debugging using JTAG-based debuggers and logic analyzers.
- Deep understanding of the vulnerability lifecycle, including scanning, CVE management, and risk mitigation strategies.
- Ability to collaborate with teammates on the Cybersecurity, Component Engineering, and other engineering teams to implement secure and compliant development processes.
- Capability to contribute to the Firmware Security Development Lifecycle by supporting its development at various stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit.
- Strong background in software development, including proficiency in Python.
- Experience with version control systems (such as Git) and standard software development processes.
- Solid understanding of PC hardware architectures, BIOS, and Linux operating systems.
- Extensive experience with microcontrollers, including their core architecture and operation.
- Familiarity with common security standards and certifications (e.g., Common Criteria, MITRE, FIPS, ISO 27001:2022, IEC 62443).