• Information Security Engineer III

    Location US-CA-Cupertino
    Posted Date 1 week ago(8/8/2018 12:35 PM)
    Job ID
    700879
  • Job Description

    Software/System Security engineer

    We are looking for a software security engineer with knowledge and expertise of information security and penetration testing at the system/software and hardware interfaces.

    In this role you will help AWS ensure our technologies and products stands up to hostile attack or customer misuse.

    You will work closely with the engineers and architects crafting next generation system, software and service-level security technologies, relevant assumptions and influencing designs.
    You will be the first to exploit new technologies before they are released into the wild – and help avoid vulnerable designs getting released.

    Basic Qualifications

    • BS in Computer Science, Information Security, or related field, or equivalent work experience
    • Demonstrated grasp of crypto basics (encryption, signing, certificates, SHA, AES, RSA, etc)
    • Demonstrated grasp of basic network security (DHCP, DNS, SSH, ACLs, common ports)
    • Minimum 4 years of experience with:
      • x86 and/or ARM chipset and firmware security (TPM, UEFI, TrustZone, secure boot)
      • Physical hardware security (PCB, JTAG, UART, SPI, ROM, microcode, custom ASIC/FPGA)
    • Minimum 4 years of experience with at least one of the following categories:
      • Local encryption and key management (LUKS, BitLocker, self-encrypting drives, etc)
      • PKI and code signing architecture (X.509, EV SSL, certificate pinning, OCSP, CRL, etc)
      • Hardware penetration testing (e.g. bus/protocol analysis, debug, power/timing, fuzzing, etc)
      • Low-level programming in C and assembly (e.g. drivers, CPU microcode, ROMs)
    • Minimum 1 year security assessment (penetration testing, network traffic analysis)

    Preferred Qualifications

    • 6+ years of experience in two or more of the categories below
    • Minimum 4 years of experience with:
      • x86 and/or ARM chipset and firmware security (TPM, UEFI, TrustZone, secure boot)
      • Physical hardware security (PCB, JTAG, UART, SPI, ROM, microcode, custom ASIC/FPGA)
    • Minimum 4 years of experience with at least one of the following categories:
      • Local encryption and key management (LUKS, BitLocker, self-encrypting drives, etc)
      • PKI and code signing architecture (X.509, EV SSL, certificate pinning, OCSP, CRL, etc)
      • Hardware penetration testing (e.g. bus/protocol analysis, debug, power/timing, fuzzing, etc)
      • Low-level programming in C and assembly (e.g. drivers, CPU microcode, ROMs)
    • Relevant industry certifications (CISSP, SANS/GIAC, CompTIA, Microsoft, Linux, AWS)
    • Hands-on experience performing security assessments of hardware/embedded devices
    • Expert knowledge of security risk management and hardware security mitigation strategies
    • Some knowledge of recognized security standards (TCG, IEEE, NIST, FIPS, PCI-DSS)
    • Some knowledge of hardware design (ROM/EEPROM, fuses, integrated circuits, NAND)
    • Some knowledge of AWS core services (EC2, S3, IAM, Greengrass, Lambda, KMS, VPC)
    • Intermediate knowledge of common security protocols (e.g. RDP, TLS, SNMP, SSH, IPMI)
    • Intermediate knowledge of hardware cryptography (certificates, attestation, TPM/HSM)
    • Intermediate knowledge of embedded/IoT solution design and security considerations
    • Minimum 2 years of experience supporting teams with design input and security risk analysis
    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share this job