Security Firmware Engineer

Sandisk

$100K — $130K *
Consumer Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's or Master's degree in Computer Engineering, Electrical Engineering, Computer Science, or related field.
  • 2-6 years of embedded firmware experience, specifically with security firmware or cryptographic functionality.
  • Proficiency in C, C++, or RUST for low-level firmware development.
  • Experience debugging firmware using JTAG, logs, and simulators.
  • Understanding of security fundamentals including roots of trust and cryptographic primitives.

Responsibilities

  • Design and implement cryptographic features and security-critical firmware.
  • Collaborate with various teams to define trust boundaries in the firmware.
  • Debug and validate security firmware on simulation, ASIC, or FPGA platforms.
  • Investigate security firmware issues and drive root cause fixes.
  • Support validation, vulnerability testing, and certification processes.
  • Participate in secure development lifecycle activities, including threat modeling.

Benefits

  • Participation in a Short-Term Incentive Plan based on company and individual performance.
  • Comprehensive benefits package including medical, dental, and vision insurance.
  • Paid vacation and sick leave.
  • Tuition reimbursement and a 401(k) savings plan.
  • Employee stock purchase plan and various voluntary benefit programs.
Full Job Description
Job Description

We are seeking a Security Firmware Engineer to join Sandisk Security Platform team and contribute to the development of firmware-level security features across our product lines.

This role requires hands-on experience with security firmware and/or applied cryptography. It is suitable for early-career engineers with direct security firmware exposure as well as mid-level engineers who have already delivered security or crypto-related features in production firmware.

The engineer will work closely with firmware, silicon, and security architecture teams on secure boot, secure update, and device attestation mechanisms, contributing across design, implementation, debug, and validation.

ESSENTIAL DUTIES AND RESPONSIBILITIES:
  • Design, implement, and integrate cryptographic functionality and security-critical firmware features, such as secure boot, secure update, encryption, attestation, and key management.
  • Collaborate with firmware, hardware, and system security architects to define and implement trust boundaries and root-of-trust designs.
  • Debug, optimize, and validate security firmware on Simulation/ ASIC / FPGA platforms.
  • Investigate security-related firmware issues, perform root-cause analysis, and drive fixes to closure.
  • Support security validation, vulnerability testing, and certification or audit activities as required.
  • Participate in secure development lifecycle activities, including threat modeling, security design reviews, and secure code reviews.


Qualifications

REQUIRED:
  • Bachelor's or Master's degree in Computer Engineering, Electrical Engineering, Computer Science, or related field.
  • 2-6 years of embedded firmware experience, with demonstrated hands-on experience in at least one of the following:
    • Security firmware features (e.g., secure boot, authentication, secure update, device identity, key management), or
    • Implementation or integration of cryptographic functionality in embedded or firmware environments.
  • Strong proficiency in C and/or C++ and/or RUST for low-level firmware development.
  • Experience debugging firmware using JTAG, logs, hardware bring-up tools, or simulators.
  • Practical understanding of security fundamentals, such as:
    • Roots of trust and boot chains
    • Cryptographic primitives (hashes, symmetric/asymmetric crypto, certificates)
    • Firmware trust boundaries and privilege levels
  • Ability to reason about security impact, correctness, and failure modes in low-level systems.

Preferred / Additional Qualifications
  • Experience with secure boot, measured boot, or attestation implementations.
  • Familiarity with key provisioning, secure storage, or certificate chains.
  • Experience with SoC architecture, ROM/FW interaction, or storage firmware.
  • Exposure to security vulnerabilities and mitigations in embedded systems.
  • Experience with Python or scripting for security testing, validation, or tooling.
  • Familiarity with secure coding guidelines and industry best practices.


Compensation & Benefits Details
  • An employee's pay position within the salary range may be based on several factors including but not limited to (1) relevant education; qualifications; certifications; and experience; (2) skills, ability, knowledge of the job; (3) performance, contribution and results; (4) geographic location; (5) shift; (6) internal and external equity; and (7) business and organizational needs.
  • The salary range is what we believe to be the range of possible compensation for this role at the time of this posting. We may ultimately pay more or less than the posted range and this range is only applicable for jobs to be performed in California, Colorado, New York or remote jobs that can be performed in California, Colorado and New York. This range may be modified in the future.
  • You will be eligible to participate in Sandisk's Short-Term Incentive (STI) Plan, which provides incentive awards based on Company and individual performance. Depending on your role and your performance, you may be eligible to participate in our annual Long-Term Incentive (LTI) program, which consists of restricted stock units (RSUs) or cash equivalents, pursuant to the terms of the LTI plan. Please note that not all roles are eligible to participate in the LTI program, and not all roles are eligible for equity under the LTI plan. RSU awards are also available to eligible new hires, subject to Sandisk's Standard Terms and Conditions for Restricted Stock Unit Awards.
  • We offer a comprehensive package of benefits including paid vacation time; paid sick leave; medical/dental/vision insurance; life, accident and disability insurance; tax-advantaged flexible spending and health savings accounts; employee assistance program; other voluntary benefit programs such as supplemental life and AD&D, legal plan, pet insurance, critical illness, accident and hospital indemnity; tuition reimbursement; transit; the Applause Program, employee stock purchase plan, and the Sandisk's Savings 401(k) Plan.
  • Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company's sole discretion, consistent with the law.

Similar Jobs

More Jobs at Sandisk

More Consumer Technology Jobs

Find similar Security Firmware Engineer jobs: