System Security Engineer
Idaho Scientific, Salt Lake City, UT, United States
Senior Systems Security Engineer
Life is Short. Solve Hard Problems with Cool People.
Idaho Scientific is the Goldilocks of the spirit and growth of a startup, with a financial footing and safety of a stable corporation. The perks of working at Idaho Scientific include all the benefits you’d expect from an employer who prioritizes a balanced human experience:
-
Competitive Pay
-
Flexible Work Schedule
-
Health Benefits and Insurance
-
Retirement fund contributions
-
Profit Sharing
-
Generous Paid Time Off Policy
Solve the Problem, Not the Symptom.
Idaho Scientific designs and deploys secure system solutions through novel CPU design, crypto cores, purpose-built system-on-a-chip architectures and hardened operating systems. Our solutions are the foundation for how military systems will remain safe and secure in the conflicts of the future. We need smart people like you to join us in solving hard problems that matter.
Position Description.
A Senior System Security Engineer (SSE) is a, industry-recognized, subject matter expert on the topics of anti-tamper, cyber security, and supply chain trust. A successful candidate will possess implementation level details of vulnerabilities and their countermeasures across a wide range of system types including microcontrollers, FPGA based system-on-chip (SoC) system, and workstation grade single board computers. Idaho Scientific is equally interested in physical and virtual threat vectors.
Example Physical threats:
Side Channel Analysis against crypto systems
-
Glitching and fault injection
-
Invasive and non-invasive chip and circuit card level failure analysis techniques
-
JTAG and in-circuit debug
-
Direct Memory access and bus protocol exploitation
Example Virtual threats:
Software exploitation
-
Firmware Exploitation
-
Root Kits and Boot Kits
-
Protocol exploitation
-
Cryptanalysis
-
CPU Side Channel Analysis
-
Rowhammer
The primary responsibility of this candidate is to individually contribute to the vulnerability analysis and countermeasure selection/design for subsystem and component (circuit card or device level) elements within U.S. weapon systems.
What You’ll Get to Do:
Individual Contributions
-
Evaluate proposed or existing system architectures for reverse engineering and cyber exploitation vulnerabilities
-
Document vulnerabilities in white papers and attack countermeasure analysis
-
Recommend architectural changes to reduce system vulnerabilities
-
Architect system level security design and requirements to address the vulnerabilities enumerated within U.S. weapon systems.
-
Document system design and requirements within a program protection plan and anti-tamper plan
-
Develop Crypto and Key management plans
-
Prepare for, attend, and brief and customer and government design review meetings
-
Participate in all aspects of the product design life cycle including system architecture, design, development, and verification
-
Distill complex technical concepts into clear and concise writing to support proposals for new opportunities
-
Contribute to new product ideas and proposals
-
Advising, mentoring, and training
-
Stay current with threat, vulnerabilities, countermeasure, hardware and software architecture
-
Advise and train customers on system vulnerabilities and countermeasures enabling them to design and requirements to secure their architectures
-
Advise customers on security and design principles, best practices, and system security engineering processes and approvals
-
Participate in industry working groups and provide security recommendations to relevant government and commercial standards, policies, and procedures
-
Participate in development and delivery of internal and external training efforts
Required Qualifications & Experience
US Citizenship
-
Ability to get a security clearance
-
More than five (5) years of proven past performance in embedded systems security design; preference given to candidates who have experience with US Department of Defense (DoD) embedded systems security
-
Advanced knowledge of crypto algorithms, when and how to use each algorithm, vulnerabilities of each algorithm and vulnerabilities inherent to an implementation of each algorithm
-
Advanced knowledge of attacks and vulnerabilities against hardware and software, as well as an understanding of balancing solutions with acceptable residual vulnerabilities
-
Advanced understanding of computer hardware and software architectures, including being able to clearly articulate how a CPU works, how a FPGA works, how Operating Systems work and how user space application runtime environments work
-
Experience with key generation and key management solutions
-
Familiarity with latest research in secure boot services and why additional research is needed
-
Degree in Cryptography, Computer Engineering, Computer Science, Electrical Engineering, Mathematics or related field
-
Ability to clearly capture complex technical concepts in writing for both technical and general audiences
-
Strong analytical and problem-solving skills
-
Must be highly creative and have experience interfacing directly with external customers
Preferred Qualifications & Experience
Active US Security Clearance
-
Working knowledge of applied cryptography
-
Experience applying principles of cyber security to operational technology and embedded systems
-
Experience reverse engineering hardware and software
-
Experience developing program protection plans for US weapons systems
-
Experience with software assurance, system integrity, trust strategies, supply chain exploitation methods and countermeasures and/or general vulnerability analysis
-
Experience with CPU design, preferably Intel x86
-
Knowledge of Operating System architecture and design, Linux preferred
Location
The preferred work location is at Idaho Scientific headquarters in Salt Lake City, Utah.
Commitment to Diversity.
Idaho Scientific is an equal employment opportunity employer. Qualified applicants will not be discriminated against due to race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition including pregnancy, or any protected category prohibited by local, state or federal laws.