Senior Embedded Security Engineer
Bedford, MA

Job Description

Job Description:

MITRE's Electronic Systems Development and Embedded Security department is seeking to hire experienced engineers in hardware, firmware and software security for embedded systems to support a range of projects of national significance in the public interest.

Qualified candidates will join a high-performing team focused on low-level hardware, firmware and software security. The team performs hands-on research and analysis and develops proof-of-concept prototypes to advance the state-of-the-art. Do you want to perform side-channel analysis? We have a custom-developed testbed and world-class expertise. Are you curious about fault injection attacks and countermeasures? Contribute to our ongoing internal research in this area. Enjoy Capture The Flag (CTF) competitions? Join our team that competes in embedded security competitions or contribute to the MITRE embedded CTF (eCTF) as an organizer or team mentor. Have a revolutionary idea that you want to develop? Propose and lead a research project in our internal R&D program.

Want to do all the above while working with world-class experts and tackling some of our nation's toughest technical challenges? We'd love to speak with you. Apply for this position!

Key Functions:

* Contribute to teams performing hands-on security assessments of embedded systems
* Design and implement secure hardware and/or software
* Support, develop, and propose internal research projects

Required Qualifications:

* Experience in one or more embedded security topics including but not limited to side-channel analysis, fault induction attacks, board-level and firmware/software reverse engineering and vulnerability discovery
* Breadth of technical understanding of topics relating to embedded systems security
* Strong communication skills
* BS (or higher) in Computer Science, Electrical or Computer Engineering and 3+ years of experience

Preferred Qualifications:

Highly-qualified candidates would meet several of the following preferred qualifications, however, we do not expect any individual to meet all of these and are looking to fill multiple positions according to technical expertise.

* Strong understanding of one or more of the following
* Software and hardware reverse engineering
* Side-channel analysis
* Fault injection attacks
* Hands-on reverse engineering techniques (JTAG/UART probing, PCB mods and RE, etc.)
* Anti-Tamper techniques
* Familiarity with one or more of the following
* Scientific/numeric computing experience with Python
* Statistical signal processing/machine learning techniques
* Invasive/semi-invasive attacks
* Physically Unclonable Functions (PUFs)
* Operating systems & kernel internals knowledge
* Compiler internals, debuggers, disassemblers, and other low-level development tools
* Commercial embedded and/or hardware security technologies (e.g. Trusted Platform Modules, Boot Guard, Secure Boot, ARM TrustZone, etc.)
* Common cryptographic algorithms (e.g. AES, 3DES, RSA, ECC, etc.) and protocols (e.g. TLS, Diffie-Hellman key exchange, etc.)
* Common weaknesses and modern attacks on cryptographic algorithms and protocols
* A graduate degree (MS or PhD)