As a
Firmware Security Engineer at OnLogic, you will be a vital part of a team dedicated to developing and protecting cutting-edge industrial computing products. You will lead vulnerability management and firmware/software coding tasks for various UEFI/BIOS, BMC, and microcontroller (MCU) applications across our product line, including motherboards and expansion cards. Additionally, you will collaborate with external partners performing BIOS customization for our motherboards. Engaging in end-to-end projects-from vulnerability identification to risk mitigation and validation testing-you will help us securely scale. We are growing at an incredible pace and are looking for a dynamic, dedicated professional to join us.
We believe in the power of in-person collaboration and the benefits of a strong workplace community. Therefore, this role requires an onsite presence at either our
South Burlington, VT or
Cary, NC office. We highly encourage candidates who are able to relocate or comfortably commute to apply.
In this role, you'll be responsible for:- Collaborating with the security team to identify and mitigate firmware vulnerabilities.
- Executing firmware development tasks focused on vulnerability mitigation.
- Partnering with the firmware development team to define precise BIOS specifications.
- Collaborating with external parties throughout the vulnerability management lifecycle.
- Validating the function of firmware and BIOS on hardware prototypes.
- Actively participating in the continuous improvement of the company's hardware and firmware development processes.
- Driving comprehensive vulnerability lifecycle management.
- Supporting product security initiatives and managing customer communications regarding related issues.
Requirements- Bachelor's degree or higher in Computer Science, Cybersecurity, Software Engineering, or Electrical Engineering.
- 5+ years of firmware security management experience, preferably in the industrial PC industry working with BIOS/UEFIs.
- Proven expertise in embedded systems security, with a strong focus on threat modeling, risk assessment, and security implementation.
- Strong command of UEFI security standards (e.g., TPM 2.0, Secure Updates , Capsule updates, Secure/Trusted/Measured Boot, Intel BIOS/Boot Guard, Intel PTT, Intel TXT).
- Experience collaborating in a leadership capacity across multiple engineering disciplines, such as mechanical, electrical, firmware, and security.
- Hands-on experience in embedded firmware debugging using JTAG-based debuggers and logic analyzers.
- Deep understanding of the vulnerability lifecycle, including scanning, CVE management, and risk mitigation strategies.
- Ability to collaborate with teammates on the Cybersecurity, Component Engineering, and other engineering teams to implement secure and compliant development processes .
- Capability to contribute to the Firmware Security Development Lifecycle by supporting its development at various stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit.
- Strong background in software development, including proficiency in Python.
- Experience with version control systems (such as Git) and standard software development processes.
- Solid understanding of PC hardware architectures, BIOS, and Linux operating systems.
- Extensive experience with microcontrollers, including their core architecture and operation.
- Familiarity with common security standards and certifications (e.g., Common Criteria, MITRE, FIPS, ISO 27001:2022, IEC 62443).
Who we're looking for:- You understand the leadership muscles required to effectively guide and inspire teams.
- You are a clear communicator who can provide examples of setting expectations and holding teams accountable to outcomes.
- You have a demonstrated ability to build and develop a high-performing team.
- You are a creative problem solver with innovative ideas to support our shared future growth and success.
- You are a proactive self-starter with the ability to work in a fast-paced environment and think independently.
- You are an effective communicator who can deliver critical feedback constructively while collaborating cross-functionally.
- You are technically adept, embrace innovation and automation, and always approach your work with an eye toward continuous improvement.
BenefitsThe salary range for this role is $100,000 to $120,000. We determine final compensation based on discussions with applicants and their experience in similar roles.
- A competitive salary based upon your experience and the requirements of the role
- A comprehensive benefits package
- 401k Plan with 3% Employer Contribution
- An Annual Profit Share Bonus
- Paid Maternity & Paternity Leave, and Short & Long Term Disability
- Opportunity to Participate in our Employee Stock Purchase Plan
- A personal development plan created to help you (and us) grow
#LI-HG1 #LI-ONSITE
