Job Description
- Perform security architecture design review and threat analysis of firmware and hardware , to ensure security properties and robustness of our complex software products
- Identify vulnerabilities in our firmware, build proof of concepts, and drive remediation via secure code reviews, fuzz and penetration testing
- Recommend security controls, evangelize and drive adoption of new or improved tools, practices, and plans to increase product robustness and reliability.
- Collaborate with engineers, customers, and/or partners to perform internal or external security audits on our products to ensure the security quality.
- Respond to product security incidents, coordinate engineering teams and partners to solve security related issues
- Work with other parts of our company on a broad range of technologies and initiatives to enhance security.
- Research and exploit side-channel, fault, and advanced physical attacks
Requirement
- BS+ in Computer Engineering, Computer Science, or Electrical Engineering.
- 7+ years of relevant work experience
- Programming background in ARM/RISCV assembly, Python, C, C , and/or RUST
- Knowledge of embedded system architecture and security (e.g. Android/Linux, ARM trust zone, hypervisor/virtualization etc.).
- Knowledge of hardware/software vulnerabilities and their exploit techniques
- Experience with security design review or threat modeling throughout hardware to software.
- Experience with secure code review, analysis, vulnerability assessment, hacking/attack analysis.
- Motivated by pursuing difficult and novel problems in a highly complex environment
- Excellent at multitasking, organizing, and prioritizing complex projects to meet deadlines
- Listens for nuances and digs into details to understand systems deeply
Preferred Requirement
- experience on any automotive grade platform such as AUTOSAR, QNX, Android Automotive, etc.
- JTAG, debugging, binary instrumentation frameworks, Reverse-engineering (IDA Pro, Ghidra)
- ISO21434 or ISO 26262 compliance experience
- TARA or HARA methodology and execution experience
- CACSE (Certified Automotive Cyber-Security Expert) certificate
- CACSP (Automotive Cyber-Security Professional) certificate
Salary range: $180,000- $260,000
Employee may be eligible for performance bonus, short and long term incentive programs. Actual total compensation will be dependent upon the individual's skills, experience and qualifications. In addition, MediaTek provides a variety of benefits including comprehensive health insurance coverage, life and disability insurance, savings plan, Company paid holidays, Paid time off (PTO), Parental leave, 401K and more.
MediaTek is an Equal Opportunity Employer that is committed to inclusion and diversity to all, regardless of age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding and related medical conditions), and sexual orientation.