Staff. Embedded Software Security Engineer

Enphase Energy Petaluma , CA 94999

Posted 4 weeks ago

Staff Embedded Software Security Engineer

Enphase Energy is looking for an experienced Sr. Embedded Software Security Engineer. This position is a collaborative role between our CTO and Embedded Software Engineering teams focusing on the security and resiliency of Enphase's energy management systems. The ideal candidate has experience building hardened embedded Linux and RTOS platforms and an excellent understanding of vulnerability management, penetration testing, cryptography, network protocols, secure network design, cyber-attack vectors and mitigation methods. This role will require knowledge of automated build infrastructure for entire platforms that include stability, reliability and regression test suites. A great senior engineer has a strong technical background and excellent hands on development skills.

Responsibilities

  • Architect, design and implement embedded software instrumentation to enable DevOps and SecOps to monitor, detect, and remediate intrusions

  • Balance limited system resources to provide service guarantees for critical infrastructure code

  • Architect, design, implement, support, and evaluate security-focused tools and/or services

  • Build secure Linux and RTOS based embedded operating system platforms

  • Secure the product with cryptography from the factory floor to hardware verified installation

  • Monitor sources such as Common Vulnerabilities and Exposures (CVE) database to identify security issues, assess their implications, set priorities and develop mitigation solutions

  • Define and operationalize long term security maintenance practices such as patch management for our products presumed long field lifetime

  • Participate in security certification, generating technical documentation, presenting to internal and external customers

  • Develop precise, testable, embedded platform security software requirements which tightly couple to market and architectural requirements and use cases

Requirements

  • Must have a BSc/BEng or equivalent experience in Computer Security, Computer Science, Software Engineering,

  • Electrical/Electronic Engineering or other related fields.

  • Must have a minimum of 8 years development experience in an embedded security role

  • Good understanding of embedded systems architectures (such as ARM, Cortex), embedded systems tools/emulators, RTOS/Linux, embedded network protocols and programming languages (such as SSL, C/C++, Python).

  • Work experience with platform boot security measures including TPM2.0 and Secure Boot.

  • Knowledge of methods for cryptographically signing and validating software builds

  • Good understanding of one or more of the following: reverse engineering, Invasive/semi-invasive attacks, fault injection, hardware Malware, Physically Unclonable Functions (PUFs), physical layer identification/device fingerprinting, tamper resistance.

Advantage but not required

  • Understanding of one or more of the following is desired: OTP, PKI, SPI/I2C Bus Analyzers, JTAG probing.

  • Good understanding of one or more security tools (such as IDA Pro, Kali embedded systems tools, Metaspolit and so forth).

  • Security certifications such as CISSP, CEH, CSSLP.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
IT Systems Engineer AWS

Petaluma Health Center

Posted 6 days ago

VIEW JOBS 10/8/2019 12:00:00 AM 2020-01-06T00:00 The Petaluma Health Center's mission is to provide high quality health care, with access for all, in Southern Sonoma County. The Center accomplishes this mission through collaborative, innovative programs, services and referral resources that meet the economic needs of the entire community. The Petaluma Health Center is an nine-time award winner in the North Bay Business Journal's Best Places to Work for 2018, 2017, 2016, 2015, 2014, 2013, 2012, 2011 and 2009 and we were named as one of the Healthiest Companies in the North Bay' by the North Bay Business Journal for the last 5 consecutive years.We are a Federally Qualified Health Center (FQHC) that provides primary medical care and mental health services to residents of Petaluma, Rohnert Park, Cotati, Penngrove and surrounding areas. We are organized as a private, non-profit corporation and governed by a consumer and community led Board of Directors. For more information about us, please visit us at www.phealthcenter.org. Position Title: IT Systems Engineer Summary: The IT System Engineer is responsible for effective provisioning, installation/configuration, operation, and maintenance of systems hardware and software and related infrastructure. This individual participates in technical research and development to enable continuing innovation within the infrastructure. This individual ensures that system hardware, operating systems, software systems, and related procedures adhere to organizational values. Areas of Responsibility: SA Engineering and Provisioning: * Engage with System/Network Admin Vendors, review invoices & contracts, recommend system improvements and processes, in-line with established business goals * Install new / rebuild existing servers and configure hardware, peripherals, services, settings, directories, SAN storage, etc. in accordance with standards and project/operational requirements * Develop and maintain installation and configuration procedures * Contribute to and maintain system standards * Research innovative, and where possible automated approaches for system administration tasks * Identify processes that leverage our resources and provides economies of scale * Assist in the management of existing servers, Voice, VM environment, and configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements * Support various on premise server software solutions (WSUS, AD, DHCP, Uniprint) Operations and Support: * Perform daily monitoring, verifying the integrity and availability of all hardware, server resources, systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups * Create, change, and delete user accounts per request * Provide Tier II/III/other support per request from various constituencies as needed. Investigate and troubleshoot issues * Repair and recover from hardware or software failures. Coordinate and communicate with impacted constituencies * Prepare users by designing and conducting training programs; providing references and support as needed * Maintain the PHC intranet, Service Desk, Office 365, PolicyTech, Amazon, and other Cloud Software solutions in consultation with support Vendors as needed Maintenance: * Apply OS server patches and upgrades on a regular basis, and upgrade administrative tools and utilities. Configure / add new services as necessary * Maintain system software that supports Server Virtualization infrastructure applications or Asset Management applications per project or operational needs * Maintain operational, configuration, or other procedures * Perform periodic performance reporting to support capacity planning * Perform ongoing performance tuning, hardware upgrades, and resource optimization as required Configure CPU, memory, and disk partitions as required * Maintain data center environmental and monitoring equipment Desktop Client Management: * Install, upgrade, and secure operating systems software and applications as needed * Support various on premise software solutions (eCW, Dentrix, Dexis) * Support Terminal Server and VDI environment, trouble shoot, and escalate issues if required * Perform regular security monitoring to identify any possible intrusions * Ensure the network security policy and standards for PHC are implemented: * Install appropriate firewalls, password protections, and anti-virus software * Install patch updates as appropriate * Ensure computer security as necessary, for example, by eliminating unnecessary services, minimizing unencrypted authentication, prevent unauthenticated email relays and uncontrolled access to proxy services, and providing for physical security Printer Management: * Assist with firmware and driver maintenance on all supported printer servers * Configure various server and client operating systems for printing * Install, configure, and maintain network printers as needed * Troubleshoot and resolve fax server issues Backup Management: * Set up systems for back up. Assist in maintaining and monitor daily logs. * Assist in resolving any client-side and server backup issues * Perform full and partial restores of servers as necessary * Assist in remote monitoring of backup jobs * Perform regular file archival and purge as necessary * Design client scripting and configuring of supported desktop/laptops for deployment * Review daily backup operations, ensuring all required file systems and system data are successfully backed up to the appropriate media, recovery media or disks are created, and media is recycled and sent off site as necessary Phone and Video Communication Management: * Maintain and Support Vocera & VoIP Phone Systems * Program and distribute iOS devices as needed * Support Vocera Server and other Facility Systems – including MACs and licensing/troubleshooting of issues with the system in conjunction with the vendor * Support TV, Cisco Video, Webex, and Jabber messaging platforms * Telephony MACs and troubleshooting of issues (voicemail, phone not working, quality, etc.) General Duties: * Assist with all other special tasks and manage projects as directed by management * Assist in troubleshooting hardware, software and network problems. File bug reports and follow-up to resolve problems with vendors * Collaborate with network engineers, architects and other team members on the implementation, testing, deployment and integration of network and server systems * Coordinate with other teams or departments to resolve user problems * Develop and participate in workflow documentation * Document helpdesk tickets as needed * Document, track, and monitor IT problems using applicable systems and tools * Document Server and Systems procedures * Evaluate and test stability of new products * Ensure that optimal inventory, and equipment management systems and processes are in place to support operations * Follow-up and update customer status and information * Limited staff training for commonly used applications (Webex, VPN, RPD, Office Suite, iOs) * Maintain computer and manual filing systems * Maintain and update location maps and IT device inventory as needed * Pass on any feedback or suggestions by customers to the appropriate internal team * Responsible for answering IT requests via phone, email, live chat or instant messages * Setup Projector, Laptop, Phones, and Mobile devices for staff meetings if needed * Study the "best practices" of other organizations and make recommendations regarding changes that would benefit PHC * Use security best practices * As needed, may be required to attend out-of-state training * Work across a broad range of technologies and liaises across multiple areas of the business to support incidents, problems and requests. * Participate in rotating on-call (after hours) support Active Directory Administration: * Help assign user accounts and group creations as needed * Support on an ongoing basis, all systems for Moves, Adds and Changes (MACs) up to and including system access and modification. This includes but is not limited to: * Active Directory – add/change/disable Users, provide access to drives and resources as requested. Troubleshoot issues with Group Policy, scripting, drive mapping, printer mapping and others. Other Duties: * Assists with other duties as directed Experience and Skills: Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Education/Experience: * Bachelor's degree with a technical major, such as engineering or computer science or equivalent; or six to eight years related experience and/or training; or equivalent combination of education and experience * Four to six years system administration experience * Experience with providing network security, including providing patches, anti-virus software, firewalls and password protection * Experience and knowledge of Apple hardware and software, including OS X Server, MSOffice for MAC * Experience with databases, networks (LAN, WAN) and patch management preferred * Knowledge of system security (e.g. intrusion detection systems) and data backup/recovery * Knowledge of networking and security, including TCP/IP, AFP, SMB, NFS, SFTP, SCP, SSH, SSL, OSI layer model * Knowledge and ability to provide support for various software packages including Microsoft products, eCW, and Dentrix * Knowledge to ensure network security policy and standards for PHC are implemented and enforced Desired Skills: * Ability to manage multiple tasks & meet deadlines * Ability to effectively manage confidential information * Ability to troubleshoot problems under pressure * Ability to work and communicate effectively with staff * Attention to detail and problem solving skills * Critical thinking skills * Demonstrated ability to work alone and in a team environment * Effectively prioritize workload * Excellent planning, project management, and problem-solving skills, along with superior communication and interpersonal abilities * Effectively communicate clearly in person & in writing * Exhibits sensitivity to the needs and the situations of multi-cultural populations from a variety of income levels * Strong interpersonal skills * Strong customer service ethic * Promote and support PHC's mission and vision * Proactive and responsible with excellent follow-up and customer service Licenses and Certifications: * Amazon AWS Certified Solution Architect Associate or Systems Operations Associate required * Cisco or similar professional certification preferred * Microsoft MCSE certification preferred * ECW Certification (eCW Tech/eCW DS) preferred * ITIL Foundation Certification (ITIL -F) preferred * Current, valid California Driver License * VMWare Certified Professional VCP-DCV preferred Language Skills: Bilingual in English and Spanish, both written and verbal preferred. Mathematical Skills: Ability to add, subtract, multiply, divide in all units of measure, using whole numbers, common fractions and decimals. Reasoning Ability: Ability to recognize problems, collect data and establish facts. Computer Skills: Electronic Medical Records Experience Preferred. Experience with Microsoft Server/OS Platforms. Microsoft Office, Outlook, Word, and Excel. Use of a web browser. Petaluma Health Center is an equal opportunity employer. Please apply directly through our career page at www.phealthcenter.org. Petaluma Health Center Petaluma CA

Staff. Embedded Software Security Engineer

Enphase Energy