The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world’s biggest challenges.
As a Principal Hardware Security Engineer you will be involved in ensuring that the compute hardware that is used in the Oracle Cloud Infrastructure meets the security bar to ensure compliance with our security posture. You will be get an opportunity to define security requirements for hardware ensuring hardware does not preclude inclusion of security controls essential to meet or exceed our posture. You will work closely across Oracle, with third party vendors, and with standards organization to influence the next generation of hardware platform security. You will also works closely with OCI's operations and engineering teams, constantly striving to improve Oracle Cloud's overall operational security posture by defining the supply chain and operational requirements to establish best practices for managing security for devices in our cloud infrastructure.
Our principal hardware security engineers have a blend of hardware, firmware and security skills.
Key Responsibilities
Definition of security requirements for hardware enabling OCI security posture aligning business needs and technology trends
Provide independent design consulting in area of expertise to implement:
- requirements specified by the hardware security team
- features required to achieve security bar
- operations (provisioning, re-use, decommissioning) inline with security posture
Hands on
- security assessments of compute devices to ensure device meets requirements.
- adversarial assessments of compute devices to ensure they can’t be compromised.
Assess risk from findings and threat models and identify proper risk mitigation controls
Work across to teams to ensure requirements, findings and recommendations are implemented
Mentor junior engineers
Minimum Qualifications
Bachelor's degree in Electrical Engineering, Computer Science or related field or equivalent experience
8-10+ years of experience in hardware security architecture / engineering / validation / planning or related area
Demonstrated competency in hardware/firmware with a focus on security
Competency with computer architecture
Subject Matter Expertise in one the following areas:
- Root Of Trust (TCG SRTM, DRTM)
- x86 (Intel, AMD), ARM server platform architecture, UEFI
- GPU platforms, rackscale systems, clustering
- Baseboard Management Controllers
- SmartNICs (DPUs)
- Storage devices
Security concepts and standards associated Attestation (Ex: SPDM) and measurements, cryptography, Secureboot, DICE etc.
Ability to work with most common programming languages (C, C++, Java, Python, Ruby, Go, Rust)
Ability to read and review hardware schematics for security concerns
Experience with reversing tools and ability to reverse engineer
Preferred Qualifications
- Ability to read and understand x86 and/or ARM assembly language
- Knowledge of vendor-specific TEE technologies such as Intel SGX
- Familiarity with common embedded communications interfaces (SPI, I2C, RS232-style serial)
- Basic knowledge of enterprise and/or datacenter networking architecture
- Experience operating in a large-scale DevOps or CICD environment
- Ability to write clear and concise product security requirements
- Ability to effectively assess risk from findings and threat models and identify proper risk mitigation controls
- Ability to succeed individually or collaboratively, whether working internally or with external organizations and individuals
- Experience working effectively in a large and distributed company
- Excellent organizational, verbal and written communication skills
Disclaimer:
Certain U.S. based or U.S. customer or client-facing roles may be required to comply with applicable requirements, such as immunization/occupational health mandates, and/or drug testing requirements.
Range and benefit information provided in this posting are specific to the stated locations only
US: Hiring Range in USD from: $106,300 to $234,600 per annum. May be eligible for bonus, equity, and compensation deferral.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle US offers a comprehensive benefits package which includes the following:
- Medical, dental, and vision insurance, including expert medical opinion
- Short term disability and long term disability
- Life insurance and AD&D
- Supplemental life insurance (Employee/Spouse/Child)
- Health care and dependent care Flexible Spending Accounts
- Pre-tax commuter and parking benefits
- 401(k) Savings and Investment Plan with company match
- Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
- 11 paid holidays
- Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
- Paid parental leave
- Adoption assistance
- Employee Stock Purchase Plan
- Financial planning and group legal
- Voluntary benefits including auto, homeowner and pet insurance
The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.
Career Level - IC4