FIRMWARE SECURITY ENGINEER

with Signing Bonus

Business Area: Firmware Technology and Development

Job Summary:

Our embedded devices are sophisticated Linux-powered systems that combine cutting-edge compute architectures and advanced imaging hardware with the latest in communication, security, and mobile standards and trends.  Embedded firmware security features include user authentication and authorization, data integrity and security, media sanitization, and smart card capabilities. 

The successful candidate will be working as part of a remarkable team which will be involved in the design, creation, debugging, and maintenance of embedded systems code to provide innovative and secure products and solutions to our customers.  Responsibilities include development of embedded applications and libraries in C/C++ and Java in Linux, as well as evaluating and integrating open-source software with our proprietary applications.  Network programming/analysis and a security mindset are a plus. Research new trends in attack tools, techniques, and procedures; and learn how to design and develop to protect against them. 

Your typical day will include:

  • Building domain expertise in your area of responsibility. This includes creating prototypes, problem solving, and delivering shippable features.
  • Collaborating with stakeholders to solidify requirements and working with various teams to accomplish your tasks
  • Asking relevant questions and participating in brainstorming and code reviews
  • Sifting through data and information quickly to identify what is essential
  • Tracking of and adhering to delivery schedules

We invite you to join our team, if:

  • You rock a BS degree in Computer Engineering, Computer Science, Information Technology, Electronics & Communications Engineering, or Electrical Engineering
  • Programming gets you all excited. You know C/C++ like the back of your hand, preferably 4+ years programming experience.
  • Proficiency in Java and Python is preferred.
  • Investigating and squashing bugs is a cathartic experience.
  • You have 2+ years experience in working with an embedded Linux environment (e.g. “sudo make-me-a-sandwich"), that’s a plus.
  • You have knowledge on MITRE ATT&K, CIS, OWASP and other threat, risk and vulnerability frameworks.
  • CISSP, CISSP-ISSEP or CSSLP certification is a plus.
  • Previous security penetration testing experience is desirable.
  • Familiarity with security technologies, processes, and concepts such as symmetric and asymmetric cryptography, TLS, Authentication and Authorization, Static Code Analysis and fuzz testing is desirable.
  • You have background in firmware/software development phases – from product definition through code maintenance
  • You are adaptive to change and/or have familiarity of the AGILE/SCRUM process
  • You are an ambassador of best programming practices (code reviews, unit testing, automation)
  • You are a brainstormer and work well in a team.
  • You are self-initiated and proactive
  • You think of the bigger picture (e.g. beyond that 1-line code change)
  • You are willing to learn from a whole bunch of amazing people

You may send your application to recruitment@lexmark.com.