Hardware/Firmware Security Developer R&D (M/F)

Hardware/Firmware Security Developer R&D (M/F)

Location: Les Clayes-sous-Bois, FR

Organizational context

Product Security makes an increasing use of cryptographic keys to secure firmware and management software. Each new chip comes with its own hardware security mechanisms to support secure boot and secure firmware upgrade. As an integrator of these chips, a vendor must maintain a consistent approach to these security features, from design and development to manufacturing. The protection of the vendor keys is of utmost importance to the security of the supply chain and the trust our customers can have in the security of our products. To achieve a high level of security, the use of hardware security modules (HSM) in the development infrastructure is mandatory. They are also used to provision unique device secrets during manufacturing of Eviden products, more specifically all the BullSequana servers, from Edge to Enterprise and High-Performance Computing (HPC), as well as Quantum Learning Machine (QLM).

The Hardware Security Developer will interact with:

• The different Product managers who are the stakeholders responsible for the delivery of the products to Eviden’ customers.
• Product R&D teams to ensure smooth integration with the security features that they are developing.
• The Hardware Security Architect who is responsible for the overall specification of Product Security Implementation in Eviden’s delivered products.

Role description

• Implements the security features in Eviden’s products according to their development roadmap.
• Contributes to the development and Maintenance of the proxy framework around the HSMs, which is interacting with the different development frameworks.
• Proposes validation and non-regression tests to maintain security features across firmware updates.

Key competencies

• Knowledge of scripting languages, especially bash.
• Knowledge of cryptographic key manipulation with tools like openssl.
• Knowledge of Public Key Infrastructure (PKI).
• Knowledge on hardware security features like HSM, TPM, TEE, Roots and Chains of trust, device attestation, UEFI Secure Boot, etc.
• Fluent written and spoken English.

Nice to have

• Knowledge of pkcs11-tool and PKCS11 interface.
• Knowledge of BIOS and BMC.
• Knowledge of the cybersecurity tools and best practices.
• Experience in Cybersecurity area: access control, encryption/ discovering & managing vulnerabilities/ collecting & analyzing events.