Principal Silicon Security Architect

The Windows & Devices team is on a journey to deliver iconic end-to-end products across hardware, software, and services that people love and use every day. To realize this, Windows needs to enable the creation of desirable and powerful devices that enable the experiences people want. Creating these new experiences and devices requires an obsession with bringing together the right experience with our passion to enable everyone to do and be their best.

The Windows Silicon and System Integration Architecture (WSSI) team is seeking a highly skilled and experienced Principal Silicon Security Architect to join our dynamic team in the WSSI organization. In this role, you will be responsible for designing and implementing robust security frameworks for our next generation hardware products. You will work closely with cross-functional teams to ensure the security and integrity of our devices and systems.  You will also be tasked with defining the architectural requirements for debugging capabilities. 

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Responsibilities

• Design and establish the security framework for a high-performance system on chip (SoC) intended for client systems.
• Develop comprehensive technical documentation that covers security requirements, architecture diagrams, and test plans.
• Perform comprehensive threat modeling and risk assessments to detect possible vulnerabilities and create plans to address those risks.
• Continuously manage the integration of the latest security mitigations into our architecture
• Work closely with engineering and development teams to incorporate security elements into hardware design from the initial stages through to production.
• Offer training and advice to internal teams on the best practices for hardware security and new threats.
• Keep up with the newest hardware security technologies and methods and use this knowledge to strengthen our security.
• Scope and define Debug requirements needed to support Firmware, Software and silicon debugging
• Define architectural implementation needed to support the Debug requirements
• Embody our Culture and Values

Qualifications

Required/Minimum Qualifications

• 9+ years of related technical engineering experience
• OR Bachelor's degree in Electrical Engineering, Computer Engineering, Computer Science, or related field AND 6+ years technical engineering experience or internship experience
• OR Master's degree in Electrical Engineering, Computer Engineering, Computer Science, or related field AND 4+ years technical engineering experience or internship experience
• OR Doctorate degree in Electrical Engineering, Computer Engineering, Computer Science, or related field AND 3+ years technical engineering experience.

• 8+ years of professional experience in designing, debugging and implementing security architecture for high-performance Systems On Chip (SoC). 
• 4+ Experience in SoC security design and core security principles, including experience with hardware security enclaves, Trusted Execution Environment, Confidential Computing, and secure debug 
• 3+ years in threat assessment modeling of software and hardware, analysis of physical threats and microarchitectural threats 

Additional or Preferred Qualifications

• Strong understanding of cryptographic algorithms and protocols.
• Experience with Neural Processing Unit (NPU) architecture and security.
• Experience in SoC security design and core security principles, including experience with Hardware Security Modules (HSMs), secure boot, secure firmware updates, Attestation, Secure recovery and secure debug
• Expertise in implementing security measures to defend against physical threats, such as fault injection attacks and side channel attacks
• Experience with remote attestation mechanisms using Trusted Platform Modules (TPM)or other technologies and Digital Rights Management (DRM) standards
• Experience with Secure Hardware Development Lifecycle (SHDL).
• Knowledge of secure boot mechanisms, TPM, Hardware Security Modules (HSM), and related technologies.

Silicon Engineering IC5 - The typical base pay range for this role across the U.S. is USD $137,600 - $267,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $180,400 - $294,000 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay   

Microsoft will accept applications for the role until December 6, 2024

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

#WSSI