Principal Security Firmware Architect

About the role

As a leader/team member in Security Firmware Architecture, you will drive balanced, scalable, and automated solutions. In this high visibility position, your software systems engineering expertise will be necessary towards product development, definition, and root cause resolution.

Responsibilities

• Lead the architecture and design of secure embedded firmware solutions, ensuring robust protection against vulnerabilities and threats.
• Develop and implement security microarchitectures, leveraging advanced cryptographic techniques and protocols.
• Collaborate with cross-functional teams to integrate security features into embedded systems, ensuring compliance with industry standards and best practices.
• Conduct thorough security assessments and threat modeling to identify and mitigate potential vulnerabilities in firmware designs.
• Mentor and guide junior engineers in best practices for secure firmware development and cryptographic implementations.
• Stay abreast of emerging security technologies and trends, and evaluate their applicability to our products and solutions.
• Drive the adoption of secure coding practices and tools, including static and dynamic code analysis, to enhance the security posture of our firmware.
• Work closely with hardware teams to interpret board schematics and data sheets, ensuring seamless integration of security features.
• Lead initiatives to enhance systems management and security in data center environments, focusing on server components and management protocols.
• Champion the implementation of Secure Boot, SPDM, Root of Trust, TCG DICE, and NIST 800-193 standards across our product lines.
• Collaborate with industry partners and stakeholders to advance security features in Baseboard Management Controllers (BMC) and associated protocols.
• Experience with OCP S.A.F.E. audits is preferred.
• What You Bring
• Bachelor's in Electrical Engineering , Computer Science, Computer Engineering, or related technical discipline
• 12 + years of experience in BMC development including developing industry standard security practices , secure architecture and tools (alternatively 10+ years with an MS degree)
• Extensive experience in embedded firmware development, with a focus on security and cryptography.
• Deep knowledge of embedded protocols such as I2C, I3C, SPI, USB, PCIe, and others.
• Proven experience in both bare metal and OS-based embedded firmware development, including RTOS, embedded Linux, and Uboot .
• Strong expertise in security microarchitecture and design, with a focus on cryptographic algorithms and protocols (CIA, Certificates, PKI, SHA, ECC, HMAC, AES).
• Demonstrated ability to identify and address security vulnerabilities in embedded systems.
• Familiarity with industry-standard static and dynamic code analysis tools such as Coverity.
• Knowledge of code composition tools such as Black duck or equivalent is plus.
• Ability to read and interpret complex board schematics and data sheets.
• Experience with systems management in data center environments, including server components and management protocols.
• Familiarity with Secure Boot, SPDM, Root of Trust, TCG DICE, and NIST 800-193 standards.
• Experience with Baseboard Management Controllers (BMC), Redfish, PLDM, Yocto , and OpenBMC software stack.
• Knowledge of any specific FPGAs security features is a plus.
• Excellent communication and leadership skills, with the ability to work effectively in a dynamic and collaborative environment.
• Self-starter with the ability to work independently and drive projects to completion.
• #ZTSANENG2025!
• About ZT Systems
• Join ZT Systems and help us build technology infrastructure that connects the world.

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at connect? Share your experience