Introduction

iRobot is in immediate need of a Product Security Engineer on its Product Security team. iRobot leads the market in consumer robotics and enabling the smart home, and the cloud infrastructure underpins its millions of connected robots.

We need an engineer with experience in security principles to assist in evaluating new hardware designs for adherence to iRobot security standards, and to develop and execute on tools and processes related to security operations of the product, including cryptographic operations for firmware signings and key generation.

What You Will Do:

Work with the Product Security and Supply Chain teams to perform evaluations and risk assesments of proposed hardware designs;Develop tooling related to manufacturing line deployment of cryptographic material to product;Perform operations related to cryptographic material generation and signing for firmware.Practical experience in attack or penetration testing of chips, devices, and applications, and proficiency in using various fuzzy testing methods; familiar with the principles of mainstream algorithms and their application on embedded systems.MCU/SoC security development experience, including but not limited to: security engine, boot, debug, storage, upgrade, production, etc.

To Be Successful You Will Have:

Strong experience and understanding of System on Chip (SoC) designs, especially as it relates to security features such as Trusted Execution Environments (TEE), cryptographic key management and protection, SecureBoot operations, and techniques for protection of memory.Familiar with encryption and decryption algorithms, digital signatures, key management, digital certificates, and PKI/CA systems;Proficient in C and C++ programming languages, with knowledge of assembly language;Develop security infrastructure, including but not limited to: secure boot, efuse/security engine/HSM, secure upgrade, etc.;Design and develop anti-cloning, anti-tampering, and secure upgrade solutions for embedded platform firmware;Analyze and research anti-intrusion and anti-tampering technologies in IoT device security and implement them in product development;Research and analyze security vulnerabilities in existing products, design and improve product security solutions;Basic knowledge of industry-standard tooling like Jira, Confluence, Git, etcExceptional ability to document, in graphical, narrative, and code-commentary forms, the complete design of a system including the use of call-flow diagrams, architecture workflows, and step-by-step descriptions.Proficiency in written English language, intermediate experience in spoken English language, expertise in written and spoken Mandarin language.