At Sonos, we are passionate about creating and delivering the finest HiFi audio systems in the world to our customers. Our products stream all the music on earth, in every room, wirelessly, and you control it all from the palm of your hand. It’s easy to use, but keeping things simple and bug free is hard work. The problems are complex and the solutions must be elegant. Sonos needs high-energy, innovative engineers to help fuel our rocketing success. We are setting new standards for the audio industry and reshaping the way consumers engage with music.
As a Sr. SW QA Engineer in Security group, you will work in a small, fast moving environment on a variety of security related efforts such as reverse engineering our code, finding exploits from a HW and SW perspective, threat modeling, testing security feature/function – including both security of the products and security related features, and test automation. This will require collaboration with your partners in Development and Test to help define and execute the test strategies and tactics in order to deliver highly secure products. In addition, you will work with a team of industry-leading innovators across fields such as acoustics, mechanical engineering, software, hardware, RF, and user experience. If you love music, solving challenging problems and delivering high-quality products, we want to talk with you!
Our band is large. And while there’s plenty of room for all kinds of personalities and skill sets to succeed, there are certain qualities that will help you thrive here.
Like a never-accept-less work ethic. An exceptionally low ego-to-talent ratio (none of the first, tons of the latter). A relentless craving to push past your limits and try new things. The smarts and the humble confidence to take on big challenges, make mistakes fast and early, embrace tough feedback, then recover quickly with fresh, startlingly perfect solutions. A fearless willingness to defend great work. And a tendency to totally geek out on music.
If this sounds like you, read on and let’s connect soon.
What You’ll Do
• Collaborate with other members of the Product Development organization from a base in the Security Development Team to test deployed firmware, software features, web apps, APIs and mission critical cloud services with focus on embedded firmware security.
• Document test plan and test steps for all tested content and follow through with making sure all of the integration works as expected.
• Automate security testing and vulnerability detection where possible to improve efficiency and coverage
• Provide QA focused security training and mentor-ship to other members of product development
• Investigate, log, track, and triage bugs to determine root cause and establish prioritization
• Conduct and participate in design and code reviews.
• Mentor junior members of team to expand their knowledge on advanced topics.
• BS/BA in Computer Science, Software Engineering or related experience
Skills You’ll Need
• At least 3 years of experience that involved any combination of the following: secure coding and application security, testing of embedded systems (with security focus a plus)
• Experience programming with of one or more of the following languages – Assembly, C/C++, Java, Python
• Strong understanding of Secure Boot technology.
• Strong understanding of security exploits and vulnerabilities
• Strong understanding of symmetric and asymmetric cryptography
• Strong fundamental knowledge of Linux kernel and user space
• Knowledge of PKI and X.509 certificates
• Experience with binary analysis tools (IDA Pro, WinDbg, etc.)
• Strong networking knowledge with expertise in troubleshooting and debugging