Principal Firmware Security Engineer

Summary

Join Western Digital and contribute to the development of cutting-edge data storage technology. As a Firmware Security Engineer, you will design and implement cryptography-based security features for SSDs. You will integrate security protocols, investigate and resolve compatibility issues, and debug firmware on various platforms. This role requires strong embedded programming skills in C/C++, experience with firmware development lifecycle, and proficiency in failure analysis. You will collaborate with cross-functional teams and take ownership of features from start to finish. Western Digital offers a comprehensive benefits package, including paid time off, health insurance, retirement plans, and more.

Requirements

• A degree in Computer Science, Electrical/Computer Engineering, Software Engineering, or a related field
• 8+ years of experience in embedded programming, with proficiency in C/C++ and one or more of the following: Python, Rust, Go
• Experience in firmware code review, CI/CD test and validation methodology, as well as static and dynamic code analysis. Familiarity with the Agile software development process life cycle is also desired
• Proficiency in failure analysis in debugging an embedded firmware application, using debuggers such as Lauterbach
• An engineer who can take ownership of given features and manage them from start to finish. Being self-motivated and driven is essential for this role
• Good communication skills and be able to work effectively with cross-functional teams

Responsibilities

• Develop various cryptography-based security features such as data encryption, Secure Boot, and Device Attestation
• Integrate these security protocols and features into the SSD data and control flows to ensure a robust and secure system. Additionally, investigate and resolve any security protocol compatibility issues that may arise
• Investigating failures, documenting bug reports, and providing valuable assistance to product teams in identifying and resolving issues
• Debugging, optimizing, and validating the Firmware on SoC platforms, as well as bringing up of FPGA and ASIC
• Contribute to the Security Development Lifecycle of the Firmware by supporting its development at different stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit

Preferred Qualifications

• Detailed knowledge of RISC-V Instruction Set Architectures (ISA)
• Technical expertise in applied cryptography and firmware/hardware security, including knowledge of data encryption, trusted execution environment, secure boot, and device attestation
• Knowledge of storage controller architectures and security protocols, such as TCG Opal/Ruby/Pyrite, IEEE 1667, SPDM, and IDE
• Familiarity with writing code in Github repository and it’s CI/CD testing framework

Benefits

• Paid vacation time
• Paid sick leave
• Medical/dental/vision insurance
• Life, accident and disability insurance
• Tax-advantaged flexible spending and health savings accounts
• Employee assistance program
• Other voluntary benefit programs such as supplemental life and AD&D, legal plan, pet insurance, critical illness, accident and hospital indemnity
• Tuition reimbursement
• Transit
• The Applause Program
• Employee stock purchase plan
• The Western Digital Savings 401(k) Plan
• Short-Term Incentive (STI) Plan
• Annual Long-Term Incentive (LTI) program, which consists of restricted stock units (RSUs) or cash equivalents
• RSU awards are also available to eligible new hires