You know the moment. It’s the first notes of that song you love, the intro to your favorite movie, or simply the sound of someone you love saying “hello.” It’s in these moments that sound matters most.
At Bose, we believe sound is the most powerful force on earth. We’ve dedicated ourselves to improving it for more than 60 years. And we’re passionate down to our bones about making whatever you’re listening to a little more magical.
The Engineering team at Bose is a thriving, passionate, deeply skilled team of professionals from a broad range of disciplines and experiences, who share a common goal—to create products that provide transformative sound experiences.

JOIN THE FUTURE OF PRODUCT SECURITY AT BOSE

At Bose, security and stability are the two pillars of our product innovation. We are seeking for a Security Architect to support the security initiatives for our consumer electronics products . You will play a central role in product security, and have the ability to improve the product security program to meet higher level enterprise security objective. With new products launching every year, there is a constant need to ensure security in our on-the-go and in-the-home platforms. The ideal candidate has extensive secure software development experience in a fast-paced, agile product environment. Join our product security team to power the next wave of innovation at Bose.

QUALIFICATIONS

• Experience developing for embedded systems and Linux platforms in C, C++
• Linux system security hardening techniques
• Strong knowledge of cryptograph ic theory and engineering including encryption, hashing, signing, digital certificates and hardware security modules (HSMs)
• Building internal security applications with cryptographic guarantees such as firmware encryption and signing , custom developer enablement tools, secure asset pr o visioning , etc .
• Experience mitigating dependency or code-level defects including memory-management issue s , input validation, timing attacks, broken authentication, side channels.
• Experience with computer networking with a focus on security and IOT applications
• Bachelor’s degree in Computer Science, or equivalent. A master’s degree is beneficial
• 6 or more years of industry experience working in firmware development with a focus on security. An advanced degree can contribute towards experience

As a Security Architect, you will work as an integral part of the Product Security team to embed security practices into every aspect of the secure development pipeline. Our development philosophy is to enable developers to write secure code faster.

Responsibilities for this job include:

• Architecting and designing products to guarantee secure practices, data confidentiality, system integrity
• Engineering and implementing ARM Trust Zone secure applets, implementing a cryptographic IOT device identity and root of trust
• Streamlining secrets, key management, cryptography, and credential management
• Defining Security requirements and conducting security assessments
• Advising engineering peers on security matters in the form of architectural guidance, code/design reviews, and solution development
• Improving vulnerability discovery, patching process, and leading responses to external security threats
• Code independently with minimal oversight and design system architecture with guidance
• Collaborating with cross-functional teams like Product firmware, DevOps, Cloud engineering, manufacturing, and program management.
• Performing security testing on products and supporting with the security fix implementations
• Designing and maintaining private X.509 and JWK chains of trust used for validating authenticity of portable audio devices
• Stay up-to-date on security news, relevant technologies, plug into user groups, understand trends and security opportunities
• Be a stakeholder on interdisciplinary teams advocating for security