As a Firmware Security Engineer at OnLogic, you will be part of a team that develops and protects industrial computing products. In this role, you lead the vulnerability management firmware/software coding tasks for the various UEFI/BIOS, BMC and microcontroller (MCU) applications across our own products, including motherboards and expansion cards. You will also collaborate with external partners performing BIOS customization for our own computer motherboards. You will engage in projects from vulnerability identification, risk mitigation and validation testing. We are growing at an incredible pace and we’re looking for a dynamic, and dedicated team member to help us continue to Make It Possible. This full-time position will be located on site in either South Burlington, VT or Cary, NC.

REQUIREMENTS

• You have a bachelor’s degree or higher in Computer Science, Cybersecurity, Software or Electrical Engineering.
• 5+ years of Firmware security management experience, preferably in the industrial PC industry working with BIOS/UEFIs.
• Proven experience in embedded systems security, with a focus on threat modeling, risk assessment, and security implementation.
• Strong experience with UEFI security standard (TPM 2.0, Secure Flash, Capsule updates, Secure/Trusted/Measure boot, Intel BIOS/Boot guard, Intel PTT, Intel TXT).
• Strong understanding of vulnerability lifecycle including scanning, CVEs management and risk mitigation.
• Contribute to the Security Development Lifecycle of the Firmware by supporting its development at different stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit.
• Extensive experience with microcontrollers, their architecture and operation.
• Experience with common security standards and certifications (e.g., Common Criteria, MITRE, FIPS, ISO 27001:2022, IEC 62443).
• Satisfactory completion of a background check.
• Ability to work in the U.S. without visa sponsorship.

WHO WE ARE:

OnLogic employees have the opportunity to shape our future and drive impactful change. We design and manufacture specialized computers and hardware solutions for companies all over the world, helping them to make the seemingly impossible possible. Our computers are designed to work where others fail, and it’s our vision to be the first choice in industrial computing. To make that vision a reality, we’ve built a team of ambitious problem solvers, guided by the company’s core values of Open, Fair, Innovative and Independent. We have an open office, open salaries and strive to be fair and transparent in our decision making. We encourage input and feedback from every member of our team and look to improve ourselves and our business every single day.
Diversity is an essential element of our core values. Not just respecting, but actively embracing a variety of backgrounds, life experiences, and opinions, helps us foster innovation, enhances our problem-solving capabilities, and promotes learning and engagement among the members of our team. We strongly encourage those with diverse backgrounds to apply.
We are committed to providing a safe, inclusive, and harassment-free workplace for all employees. We do not tolerate any form of harassment, discrimination, or bias based on race, ethnicity, gender, sexual orientation, religion, disability, age, or any other protected characteristic.
To learn more about our values, our mission and what it’s like to work at OnLogic, visit www.onlogic.com/careers.

IN THIS ROLE, YOU’LL BE RESPONSIBLE FOR:

• Working with the security team to identify and mitigate firmware vulnerabilities.
• Perform firmware development for vulnerability mitigation.
• Work with the firmware development team to define BIOS specifications.
• Collaborate with external parties in the vulnerability management lifecycle.
• Validate function of firmware & BIOS on prototypes.
• Actively participate in continuous improvement of the company’s development processes.
• Support vulnerability lifecycle management.
• Support product security and customer communications on related issues.

The salary range for this role is $90,000 to $120,000. We determine final compensation based on discussions with applicants and their experience in similar roles.

• A competitive Salary based upon your experience and the requirements of the role
• A comprehensive Benefits package
• 401k Plan with 3% Employer Contribution
• An Annual Profit Share Bonus
• Paid Maternity & Paternity Leave, and Short & Long Term Disability
• Opportunity to Participate in our Employee Stock Purchase Plan
• A personal development plan created to help you (and us) gro