Firmware Security Engineer

As a Firmware Security Engineer at OnLogic, you will be part of a team that develops and protects industrial computing products. In this role, you lead the vulnerability management firmware/software coding tasks for the various UEFI/BIOS, BMC and microcontroller (MCU) applications across our own products, including motherboards and expansion cards. You will also collaborate with external partners performing BIOS customization for our own computer motherboards. You will engage in projects from vulnerability identification, risk mitigation and validation testing. We are growing at an incredible pace and we’re looking for a dynamic, and dedicated team member to help us continue to Make It Possible. This full-time position will be located on site in Taipei, TW 

In this role, you’ll be responsible for:

• Work with the security team to identify and mitigate firmware vulnerabilities
• Perform firmware development for vulnerability mitigation
• Work with the firmware development team to define BIOS specifications.
• Collaborate with external parties in the vulnerability management lifecycle.
• Validate function of firmware & BIOS on prototypes.
• Actively participate in continuous improvement of the company’s development processes.
• Support vulnerability lifecycle management
• Support product security and customer communications on related issues.

The team you will be joining: 

IT/Software: Our IT team touches every aspect of our business and each of our day to day lives here at OnLogic. Made up of software developers, infrastructure and security experts, systems and network engineers and business technology professionals, our IT team is constantly working to improve our internal systems to make our lives easier, while optimizing our website to do the same for our customers. From the technology we use to do our jobs, to the infrastructure that supports the way we build, test and ship our products, our IT team keeps our business running smoothly. Learn more about Life at OnLogic.

Requirements

• You have a bachelor's degree or higher in Computer Science, Cybersecurity, Software or Electrical Engineering.
• 5+ years of Firmware security management experience, preferably in the industrial PC industry working with BIOS/UEFIs.
• Proven experience in embedded systems security, with a focus on threat modeling, risk assessment, and security implementation.
• Strong experience with UEFI security standard (TPM 2.0, Secure Flash, Capsule updates, Secure/Trusted/Measure boot, Intel BIOS/Boot guard,  Intel PTT, Intel TXT)
• Experience collaborating across multiple engineering disciplines in a leadership capacity, such as mechanical, electrical, firmware and security.
• Experience in embedded firmware and debugging using JTAG based debuggers & logical analyzers.
• Strong understanding of vulnerability lifecycle including scanning, CVEs management and risk mitigation
• Collaborate with teammates on the Cybersecurity, Component Engineering, and other Engineering teams to implement secure and compliant systems
• Contribute to the Security Development Lifecycle of the Firmware by supporting its development at different stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit.
• Strong background in software development, experience in Python.
• Experience with version control systems (like Git) and the software development process.
• Understanding of PC hardware architectures, BIOS, and Linux.
• Extensive experience with microcontrollers, their architecture and operation.
• Experience with common security standards and certifications (e.g., Common Criteria, MITRE, FIPS, ISO 27001:2022, IEC 62443).

Who we're looking for:

• You understand what leadership muscles you need to flex to effectively lead and inspire teams.
• You are a clear communicator; with examples of setting expectations and holding teams accountable to the outcomes.
• You’ve demonstrative ability to build and develop a high performing team
• You’re a problem solver with creative ideas to support our shared future growth and success.
• A self starter with the ability to work in a fast paced environment, thinking independently and acting proactively
• Effective communicator, delivering critical feedback in a constructive way while working collaboratively cross-functionally
• Technically adept and embraces innovation and automation with a mind toward continuous improvement

Who we are:
OnLogic employees have the opportunity to shape our future and drive impactful change. We design and manufacture specialized computers and hardware solutions for companies all over the world, helping them to make the seemingly impossible possible. Our computers are designed to work where others fail, and it's our vision to be the first choice in industrial computing. To make that vision a reality, we've built a team of ambitious problem solvers, guided by the company's core values of Open, Fair, Innovative and Independent. We have an open office, open salaries and strive to be fair and transparent in our decision making. We encourage input and feedback from every member of our team and look to improve ourselves and our business every single day.

Diversity is an essential element of our core values. Not just respecting, but actively embracing a variety of backgrounds, life experiences, and opinions, helps us foster innovation, enhances our problem-solving capabilities, and promotes learning and engagement among the members of our team. We strongly encourage those with diverse backgrounds to apply.

We are committed to providing a safe, inclusive, and harassment-free workplace for all employees. We do not tolerate any form of harassment, discrimination, or bias based on race, ethnicity, gender, sexual orientation, religion, disability, age, or any other protected characteristic.

To learn more about our values, our mission and what it's like to work at OnLogic, visit www.onlogic.com/careers.

Benefits

The salary range for this role is NT$1,500,000 to NT$2,000,000. We determine final compensation based on discussions with applicants and their experience in similar roles. 

• A competitive Salary based upon your experience and the requirements of the role
• A comprehensive Benefits package
• An Annual Profit Share Bonus 
• Opportunity to Participate in our Employee Stock Purchase Plan