24 days old

Product Security Expert

Intel
Hillsboro, OR 97123
  • Job Code
    JR0211037
Job Description

We are looking to add an experienced Product Security Expert (PSE) to the Intel Client Computing Group (CCG) Security Assurance and Research team. Product Security Experts(PSEs) are recognized as having deep authoritative technical knowledge of secure product development who can independently review the product's security posture during architecture, design, secure code review, validation and release phases. The role requires thorough knowledge of Intel Security Development lifecycle, security practices, processes, tools and capabilities. Successful candidate will be part of this CCG team of select senior security experts and security researchers.

Job role and responsibilities include:


1. Guide CCG Product development teams through secure development and Security First Mindset practices in meeting CCG security assurance needs.
2. Work with developers to determine the best ways of integrating security assurance practices into their development workflows
3. As required participate in development of threat models and conduct threat model reviews.
4. Assess projects to analyze risks and devise mitigation strategies.
5. Determine solid strategies for security validation, provide consultation, and as required guide teams in implementing specialized parts of those plans.
6. Tailor security validation approach according to project security objectives and risks.
7. Remain knowledgeable of tools and techniques used in security validation: fuzzing, pen testing and others.
8. Work with stakeholders in CCG, IPAS and other business units to ensure the appropriate security assurance requirements are established in our security polices, enforced, and communicated in our security practices.
9. Provide support to the Governance team by providing insights on the Security Development Lifecycle (SDL) quality of execution, PSE knowledge sharing and security assurance practices
10. Collaborate with engineers, consultants, and leadership to address security risks and provide mitigation recommendations within the SDL
11. Ability to comprehend the implications of security trade-offs in the face of threats, attacks and/or vulnerabilities.
12. A great opportunity to learn and work across multiple cutting-edge technologies in the CCG domain and innovate in emerging areas of security assurance.

Additionally, you may:


Respond to customer/client requests or events as they occur
Develop solutions to problems utilizing formal education, judgment and formal processes
Participate in development of intellectual property
Maintains substantial knowledge of state-of-the-art security principles, theories, attacks and contribute to literature and conferences

A successful candidate will demonstrate:

Passion for understanding latest attacks in the industry and applying to Client platforms where applicable

Good network in security community, ethical hackers, academia,
Strong written and verbal communication with proper documentation skills to influence decision making.


Qualifications

You must possess the below minimum qualifications to be initially considered for this position. Preferred qualifications are in addition to the minimum requirements and are considered a plus factor in identifying top candidates.

Minimum qualifications:

  • Bachelor's degree or equivalent in Computer Science, Computer Engineering, or related discipline and equivalent of 4+ years of relevant work experience

  • Knowledge of computer architecture, CPU, SoC, chipsets, BIOS, Firmware, Drivers

  • Breadth of security over HW, SW and Firmware domains.

  • Knowledge of technologies, policies, controls, and services that protect cloud data, applications, and infrastructure from threats is a must..

  • Security testing techniques including fuzzing and pen-testing

  • Foundational Knowledge of security technologies: authentication, cryptography, security protocols

  • Knowledge of static and dynamic analysis tools, fuzzing tools, register tools. (For example: Snyk, BDBA, Klocwork)

Preferred qualifications:

  • Master's degree or equivalent in Computer Science, Computer Engineering, or related discipline and equivalent of 6+ years of relevant work experience

  • Experience in security development lifecycle.

  • Exposure to threat Modeling, reverse engineering skills, exploitation, and mitigation technique developments

  • CISSP and/or other security certifications

  • Knowledgeable in one or more programming languages including low level assembly, C, Java, Python etc.

  • Paper publication, participation in bug bounty programs, recognitions from products and brands will be highly considered.

  • Exposure to Cloud security is a plus.

Inside this Business Group

The Client Computing Group (CCG) is responsible for driving business strategy and product development for Intel's PC products and platforms, spanning form factors such as notebooks, desktops, 2 in 1s, all in ones. Working with our partners across the industry, we intend to continue to advance PC experiences to deliver the real-world performance people demand. As the largest business unit at Intel, CCG is investing more heavily in the PC, ramping its capabilities even more aggressively, and designing the PC experience even more deliberately, including delivering a predictable cadence of leadership products. As a result, we are able to fuel innovation across Intel, providing an important source of IP and scale, as well as help the company deliver on its purpose of enriching the lives of every person on earth.



Other Locations

US, California, Folsom;US, California, Santa Clara


Intel strongly encourages employees to be vaccinated against COVID-19. Intel aligns to federal, state, and local laws and as a contractor to the U.S. Government is subject to government mandates that may be issued. Intel policies for COVID-19 including guidance about testing and vaccination are subject to change over time.



Posting Statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, religious creed, sex, national origin, ancestry, age, physical or mental disability, medical condition, genetic information, military and veteran status, marital status, pregnancy, gender, gender expression, gender identity, sexual orientation, or any other characteristic protected by local law, regulation, or ordinance.



Work Model for this Role

This role will be eligible for our hybrid work model which allows employees to split their time between working on-site at their assigned Intel site and off-site.

Posted: 2022-04-25 Expires: 2022-05-27

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Product Security Expert

Intel
Hillsboro, OR 97123

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast