Intel is an innovative technology company that uses artificial intelligence to elevate multiple industries.
Programmable Solutions Group Security Researcher
Intel’s Programmable Solutions Group is seeking a Product Security Expert to drive security assurance for its product portfolio, encompassing hard Ips, soft IPS, FPGAs, e-ASICS/ASICS, SoCs, platforms/solutions, and design software for its programmable devices.
Product Security Expert is an objective, independent reviewer of a product’s security risks. The Product Security Expert consults with product development teams regarding secure design, development, controls, and objectives. Demonstrating expertise with the Security Development Lifecycle in specific areas of threat modeling, security validation strategy and planning, architecture reviews, design reviews and implementation reviews.
In this position you will:
• Provide feedback/consulting to teams regarding best practices in secure product development.
• Drive technical security reviews on product architecture, design, implementation, and validation.
• Participate in reviews/discussions regarding security issues discovered in released products.
• Mentor aspiring Product Security Expert candidates.
• Maintain and build product security expertise through continuing education, research into industry trends and technologies, participate in different conferences and publications related to security.
Responsibilities include but not limited to:
• Empowered to customize a project’s security assurance plan and/or assign additional security requirements on the technical aspects of architecting/designing, developing, and validating secure products.
• Participates in all product security reviews.
• Provides feedback/consulting to teams regarding best practices in secure product development (connecting with other security experts for guidance in areas which are outside their expertise).
• Evaluates products, identify security concerns, and recommend appropriate mitigations across the full product lifecycle.
• Has thorough understanding of security assurance dependencies and best practices relative to third-party (open source or 3PIP). Understands what resources are available and capabilities that can be tapped to assist teams in closing implementation issues. Understands what the appropriate security tools are for their domain and has functional understanding of how and when to use (static and dynamic analysis tools, fuzzing tools, register tools, etc.). Is capable of conducting and guiding teams through security code reviews.
• Reviews security validation plans and helps guide the team’s security validation activities – providing insights on security validation techniques, may extend to tools.
• Supports, as necessary, the disposition of security issues or vulnerabilities identified in validation.
• Support product hardening efforts (e.g., Hackathon, Fuzzing, Pen Testing, etc.) throughout the whole product development process.
• Support reviews/dispositions/escalations regarding security issues discovered in released products.
• Contribute to the creation and maintenance of secure development BKMs and training collaterals.
• Good communication skills, both written and verbal.
• Self-directed, and good problem-solving skills.
• Good interpersonal skills, team player, collaborative, and thrives in a fast-paced, dynamic environment.
MS degree in Computer Science, Computer Engineering, Electrical Engineering, or related field.
5+ years of experience in the following areas:
• System/platform, hardware (hard IP, FPGA, SOC), firmware, or software security.
• Industry experience in product security and has a deep technical background in security architecture, design, development, validation, or penetration testing in relevant technology domains.
• Experience with industry security development lifecycle processes (e.g., SDL), security assurance tasks, and in-depth technical security reviews.
Additional Preferred Qualifications:
Expertise or experience in one or more of the following areas: threat modeling, exploitation, mitigation development, and security testing techniques.
Inside this Business Group
The Programmable Solutions Group (PSG) was formed from the acquisition of Altera. As part of Intel, PSG will create market-leading programmable logic devices that deliver a wider range of capabilities than customers experience today. Combining Altera’s industry-leading FPGA technology and customer support with Intel’s world-class semiconductor manufacturing capabilities will enable customers to create the next generation of electronic systems with unmatched performance and power efficiency. PSG takes pride in creating an energetic and dynamic work environment that is driven by ingenuity and innovation. We believe the growth and success of our group is directly linked to the growth and satisfaction of our employees. That is why PSG is committed to a work environment that is flexible and collaborative, and allows our employees to reach their full potential.
Work Model for this Role
This role will be eligible for our hybrid work model which allows employees to split their time between working on-site at their assigned Intel site and off-site.
MYExperienced HireJR0205848PenangProgrammable Solutions Group