System Security Engineer
Senior Systems Security Engineer
Life is Short. Solve Hard Problems with Cool People.
Idaho Scientific is the Goldilocks of the spirit and growth of a startup, with a financial footing and safety of a stable corporation. The perks of working at Idaho Scientific include all the benefits you’d expect from an employer who prioritizes a balanced human experience:
Competitive Pay
Flexible Work Schedule
Health Benefits and Insurance
Retirement fund contributions
Profit Sharing
Generous Paid Time Off Policy
Solve the Problem, Not the Symptom.
Idaho Scientific designs and deploys secure system solutions through novel CPU design, crypto cores, purpose-built system-on-a-chip architectures and hardened operating systems. Our solutions are the foundation for how military systems will remain safe and secure in the conflicts of the future. We need smart people like you to join us in solving hard problems that matter.
Position Description.
A Senior System Security Engineer (SSE) is a, industry-recognized, subject matter expert on the topics of anti-tamper, cyber security, and supply chain trust. A successful candidate will possess implementation level details of vulnerabilities and their countermeasures across a wide range of system types including microcontrollers, FPGA based system-on-chip (SoC) system, and workstation grade single board computers. Idaho Scientific is equally interested in physical and virtual threat vectors.
Example Physical threats:
Side Channel Analysis against crypto systems
Glitching and fault injection
Invasive and non-invasive chip and circuit card level failure analysis techniques
JTAG and in-circuit debug
Direct Memory access and bus protocol exploitation
Example Virtual threats:
Software exploitation
Firmware Exploitation
Root Kits and Boot Kits
Protocol exploitation
Cryptanalysis
CPU Side Channel Analysis
Rowhammer
The primary responsibility of this candidate is to individually contribute to the vulnerability analysis and countermeasure selection/design for subsystem and component (circuit card or device level) elements within U.S. weapon systems.
What You’ll Get to Do:
Individual Contributions
Evaluate proposed or existing system architectures for reverse engineering and cyber exploitation vulnerabilities
Document vulnerabilities in white papers and attack countermeasure analysis
Recommend architectural changes to reduce system vulnerabilities
Architect system level security design and requirements to address the vulnerabilities enumerated within U.S. weapon systems.
Document system design and requirements within a program protection plan and anti-tamper plan
Develop Crypto and Key management plans
Prepare for, attend, and brief and customer and government design review meetings
Participate in all aspects of the product design life cycle including system architecture, design, development, and verification
Distill complex technical concepts into clear and concise writing to support proposals for new opportunities
Contribute to new product ideas and proposals
Advising, mentoring, and training
Stay current with threat, vulnerabilities, countermeasure, hardware and software architecture
Advise and train customers on system vulnerabilities and countermeasures enabling them to design and requirements to secure their architectures
Advise customers on security and design principles, best practices, and system security engineering processes and approvals
Participate in industry working groups and provide security recommendations to relevant government and commercial standards, policies, and procedures
Participate in development and delivery of internal and external training efforts
Required Qualifications & Experience
US Citizenship
Ability to get a security clearance
More than five (5) years of proven past performance in embedded systems security design; preference given to candidates who have experience with US Department of Defense (DoD) embedded systems security
Advanced knowledge of crypto algorithms, when and how to use each algorithm, vulnerabilities of each algorithm and vulnerabilities inherent to an implementation of each algorithm
Advanced knowledge of attacks and vulnerabilities against hardware and software, as well as an understanding of balancing solutions with acceptable residual vulnerabilities
Advanced understanding of computer hardware and software architectures, including being able to clearly articulate how a CPU works, how a FPGA works, how Operating Systems work and how user space application runtime environments work
Experience with key generation and key management solutions
Familiarity with latest research in secure boot services and why additional research is needed
Degree in Cryptography, Computer Engineering, Computer Science, Electrical Engineering, Mathematics or related field
Ability to clearly capture complex technical concepts in writing for both technical and general audiences
Strong analytical and problem-solving skills
Must be highly creative and have experience interfacing directly with external customers
Preferred Qualifications & Experience
Active US Security Clearance
Working knowledge of applied cryptography
Experience applying principles of cyber security to operational technology and embedded systems
Experience reverse engineering hardware and software
Experience developing program protection plans for US weapons systems
Experience with software assurance, system integrity, trust strategies, supply chain exploitation methods and countermeasures and/or general vulnerability analysis
Experience with CPU design, preferably Intel x86
Knowledge of Operating System architecture and design, Linux preferred
Location
The preferred work location is at Idaho Scientific headquarters in Salt Lake City, Utah.
Commitment to Diversity.
Idaho Scientific is an equal employment opportunity employer. Qualified applicants will not be discriminated against due to race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition including pregnancy, or any protected category prohibited by local, state or federal laws.