Jobs · Information Technology · Massachusetts

Senior Product Security Engineer

Bose Corporation · Framingham, MA · 2 wk ago
HybridInformation Technology$143k–$196k/yrFull-time

Principal Duties And Responsibilities

  • Architecting and designing products to guarantee secure practices, data confidentiality, system integrity
  • Engineering and implementing ARM Trust Zone secure applets
  • Implementing a cryptographic IoT device identity and root of trust
  • Streamlining secrets, key management, cryptography, and credential management
  • Defining Security requirements and conducting security assessments
  • Architect and implement protections for intellectual property, including anti-reverse engineering, secure firmware distribution, and debug interface lockdown
  • Ensuring compliance with applicable security regulations and standards (e.g., EU CRA, ETSI EN 303 645, NIST) and support audits and certifications
  • Advising engineering peers on security matters in the form of architectural guidance, code/design reviews, and solution development
  • Improving vulnerability discovery, patching process, and leading responses to external security threats
  • Code independently with minimal oversight and design system architecture with guidance
  • Collaborating with cross-functional teams like product firmware, devops, cloud engineering, manufacturing, and program management
  • Performing security testing on products and supporting with the security fix implementations
  • Designing and maintaining private X.509 and JWK chains of trust used for validating authenticity of portable audio devices
  • Stay up-to-date on security news, relevant technologies, plug into user groups, understand trends and security opportunities
  • Be a stakeholder on interdisciplinary teams advocating for security

Qualifications

  • Experience developing for embedded systems and Linux platforms in C, C++
  • Strong knowledge of cryptographic theory and engineering including encryption, hashing, signing, digital certificates and hardware security modules (HSMs)
  • Building internal security applications with cryptographic guarantees such as firmware encryption and signing, custom developer enablement tools, secure asset provisioning, etc.
  • Experience aligning embedded product security practices with regulatory and compliance requirements (EU CRA, NIST, ISO 27001, IEC 62443 or similar frameworks)
  • Experience implementing IP protection and anti-tamper mechanisms in embedded systems, including secure boot enforcement, firmware encryption, and hardware debug port protection
  • Experience mitigating dependency or code-level defects including memory-management issues, input validation, timing attacks, broken authentication, side channels
  • Experience with computer networking with a focus on security and IOT applications
  • Bachelor's degree in Computer Science, or equivalent
  • A master’s degree is beneficial
  • 6 or more years of industry experience working in firmware development with a focus on security

Pay

The hiring range for this position in the primary work location of Framingham, Massachusetts is: $142,600-$196,000.

Schedule

N/A

Benefits

N/A

Skills

N/A

Benefits

N/A

Cookie/Navigation/Equal Opportunity/Scam Warning Boilerplate

Folded

Similar jobs