Senior Firmware Security Engineer

Summary

Join Yubico's Product Security team and play a crucial role in ensuring the security of our products and services. Collaborate with hardware and firmware teams to integrate secure design and development practices. Employ static and dynamic analysis to identify and resolve vulnerabilities. Define and implement security requirements and guidance. Lead training sessions and define metrics to measure impact. This role requires 5+ years in product security, 3+ years of software development, and proficiency in threat modeling and C programming. Yubico offers a flexible work environment, including remote options, and a strong company culture that values diversity and inclusion.

Requirements

• 5+ years in a product security role
• 3+ years of software development
• Proficiency in threat modeling
• Proficiency in C
• Knowledge of common vulnerability classes

Responsibilities

• Define and evangelize requirements and guidance for secure by design and secure by default principles
• Implement automation to prevent and detect security flaws in all phases of development
• Conduct design reviews and manual security assessments
• Lead training and awareness sessions
• Define and implement metrics to provide visibility into the impact of your work
• Define, lead, and influence processes to secure products and services
• Identify and advocate for new and novel uses of Yubico’s technology

Preferred Qualifications

• Bachelor’s or Master's degree in Computer Science or similar fields
• Knowledge of WebAuthn, OATH HOTP, OATH TOTP, U2F, PIV, or OpenPGP
• Proficiency in C++ or Rust
• Experience developing for ARM
• Experience in targeted fuzzing
• Experience in fault injection and side channel analysis

Benefits

Freedom and Flexibility: At Yubico, we want you to be your most productive selves whether you decide to work 100% from home or choose to work hybrid/onsite