Offensive Firmware Security Researcher

Job DescriptionPerform security architecture design review and threat analysis of firmware and hardware , to ensure security properties and robustness of our complex software productsIdentify vulnerabilities in our firmware, build proof of concepts, and drive remediation via secure code reviews, fuzz and penetration testingRecommend security controls, evangelize and drive adoption of new or improved tools, practices, and plans to increase product robustness and reliability.Collaborate with engineers, customers, and/or partners to perform internal or external security audits on our products to ensure the security quality.Respond to product security incidents, coordinate engineering teams and partners to solve security related issuesWork with other parts of our company on a broad range of technologies and initiatives to enhance security.Research and exploit side-channel, fault, and advanced physical attacksRequirementBS+ in Computer Engineering, Computer Science, or Electrical Engineering.7+ years of relevant work experienceProgramming background in ARM/RISCV assembly, Python, C, C++, and/or RUSTKnowledge of embedded system architecture and security (e.g. Android/Linux, ARM trust zone, hypervisor/virtualization...etc.).Knowledge of hardware/software vulnerabilities and their exploit techniquesExperience with security design review or threat modeling throughout hardware to software.Experience with secure code review, analysis, vulnerability assessment, hacking/attack analysis.Motivated by pursuing difficult and novel problems in a highly complex environmentExcellent at multitasking, organizing, and prioritizing complex projects to meet deadlinesListens for nuances and digs into details to understand systems deeplyPreferred Requirementexperience on any automotive grade platform such as AUTOSAR, QNX, Android Automotive, etc.JTAG, debugging, binary instrumentation frameworks, Reverse-engineering (IDA Pro, Ghidra)ISO21434 or ISO 26262 compliance experienceTARA or HARA methodology and execution experienceCACSE (Certified Automotive Cyber-Security Expert) certificateCACSP (Automotive Cyber-Security Professional) certificateSalary ***** $180,000- $260,000Employee may be eligible for performance bonus, short and long term incentive programs. Actual total compensation will be dependent upon the individuals skills, experience and qualifications. In addition, MediaTek provides a variety of benefits including comprehensive health insurance coverage, life and disability insurance, savings plan, Company paid holidays, Paid time off (PTO), Parental leave, 401K and more.MediaTek is an Equal Opportunity Employer that is committed to inclusion and diversity to all, regardless of age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding and related medical conditions), and sexual orientation.

Created: 2025-05-31