5 Firmware Security Jobs

eInfochips, an Arrow company, is a global leader in providing product engineering and semiconductor design services. With over 25 years of experience and a team of 2500+ engineers, we have developed 500+ products deployed in 140 countries. Our services cover Silicon Engineering, Embedded Engineering, Hardware Engineering, and Digital Engineering, catering to 7 of the top 10 semiconductor companies globally. We are currently looking for a Senior IoT/Cyber Security Specialist with 5 to 12 years of experience, including a minimum of 5 years in secure software engineering. The position is based in Pune or Ahmedabad and requires a BE or MS in Electronics/Computer Engineering, with Cyber Security certifications preferred. As a Cyber Security Specialist at eInfochips, you will be responsible for serving as a subject matter expert in product security. Your role will involve leading secure software development practices, threat modeling, penetration testing, security incident response, and coaching engineering teams on cybersecurity best practices. Key Responsibilities: - Act as an SME for Cyber/Product Security, guiding software and firmware teams on secure development lifecycle practices. - Develop security architecture, threat models, and cybersecurity requirements for connected devices. - Lead security verification, penetration testing, and validation efforts. - Manage security compliance for engineering projects and third-party audits. - Drive the implementation of security policies, standards, and procedures organization-wide. - Provide technical leadership in security design, risk assessments, and mitigation strategies. - Stay updated on emerging threats, industry standards, and regulatory requirements. - Deliver training and knowledge sharing on security best practices. Required Technical Skills: - Experience with threat intelligence analysis. - Expertise in SCA, SAST, DAST tools, vulnerability classification, and secure coding principles. - Implementing PKI, cryptographic keys, secure boot, secure communications, identity management, and firmware security. - Proficiency in penetration testing tools, threat modeling, and security standards. - Programming skills in C/C++, Java, Python, or similar languages. - Familiarity with encryption protocols. - Preferred certifications: CISSP-ISSEP, CISSP-ISSAP, CEH, OSCP, CSSLP, GIAC. Desired Experience: - Security analysis for Industrial, Automotive, Medical, and IoT systems. - Knowledge of UNECE security standards. - Experience in leading security tool adoption in regulated environments. Soft Skills: - Self-driven, motivated, and proactive. - Excellent communication skills. - Eager to learn new technologies. - Positive attitude with strong problem-solving abilities. Join us at eInfochips for the opportunity to work on cutting-edge technologies and lead a high-performing team in a fast-paced, dynamic environment. If you meet the requirements and are enthusiastic about this role, please share your resume at arti.bhimani1@einfochips.com,

Key Responsibilities: Drive end-to-end cybersecurity integration across the medical device product development life cycle, ensuring security is embedded from concept to release. Develop and maintain cybersecurity for medical products, including security requirements specifications, risk assessments, threat models, and product security architecture documentation. Conduct thorough gap assessments to evaluate compliance with IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97 standards, and implement remediation measures. Perform hands-on vulnerability assessments, penetration testing, and secure code reviews of embedded devices, IoMT (Internet of Medical Things) components, and connected systems. Collaborate closely with development, compliance, and regulatory teams to ensure product security measures meet both internal security policies and external regulatory expectations. Support SBOM management, software supply chain risk evaluations, and third-party component analysis to maintain software transparency and mitigate risks. Provide expert input on secure communication protocols, encryption standards, data protection for both at-rest and in-transit data, and cloud-based connectivity of medical systems. Assist in developing incident response strategies and bring working knowledge of HIPAA, GDPR, and HL7 to address data privacy and healthcare-specific regulatory concerns. Contribute to the continuous enhancement of internal secure development processes, tools, and methodologies, while championing security best practices within product teams. Required Skills and Qualifications: Minimum of 6 years of experience in cybersecurity, including at least 3 years focused on medical devices, embedded systems, or IoT security. Proven track record in authoring security design, defining technical requirements, and documenting security architectures aligned with regulatory needs. Hands-on experience in embedded system security including secure boot, firmware security, threat modeling techniques (e.g., STRIDE, DREAD), and product-level risk assessments. Strong understanding of IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97, along with working knowledge of the medical device product development lifecycle and quality standards like ISO 14971. Demonstrated expertise in vulnerability management and penetration testing of connected products across device and cloud ecosystems. Familiarity with data privacy and interoperability standards such as HIPAA, GDPR, and HL7 is highly desirable. Excellent problem-solving skills, critical thinking, and ability to lead gap analysis and remediation activities in regulated environments. Strong collaboration skills with the ability to influence cross-functional teams including RD, compliance, and product management.

About the Role :We are seeking a highly motivated and skilled Security Firmware Engineer to join our team and contribute to the development of cutting-edge security solutions. In this role, you will be responsible for designing, developing, and maintaining firmware for our security subsystems, ensuring the highest levels of security and reliability.Key Responsibilities :Design, develop, and maintain firmware for security subsystems, including but not limited to : - Root of Trust - Trusted Platform Module (TPM/fTPM) - Widevine DRM - Develop and implement secure boot and attestation mechanisms. - Integrate security features into existing firmware and hardware platforms. - Perform thorough code reviews and unit testing to ensure code quality and security. - Troubleshoot and debug firmware issues. - Collaborate with cross-functional teams (hardware, software, security) to ensure seamless integration and system-level security. - Stay abreast of the latest security threats and vulnerabilities, and implement mitigation strategies. - Contribute to the development and maintenance of security policies and procedures.Required Skills : Mandatory : - Very strong in C language programming and debugging - Working knowledge of git/gerritKey Skillsets : - Good knowledge about silicon security subsystem / policy, root of trust, TPM/fTPM, Widevine - Good knowledge of trusted applications and handshake - Experience with embedded systems development and debugging. - Strong understanding of security principles and best practices. - Experience with security protocols (e.g., TLS, SSL, IPsec). - Excellent problem-solving and analytical skills. - Strong communication and collaboration skills.

Role : Security Firmware called PSP FW Location : Bangalore, Hyderabad Experience : 5 - 10 Yrs Employment Type : Full Time, Permanent Working mode : Regular Notice Period : Immediate - 15 Days Common Requirements : - Strong C Programming Skills : Proven expertise in C programming language for embedded systems.- Debugging Proficiency : Ability to effectively debug complex firmware issues.- Version Control : Working knowledge of Git or Gerrit for code management. Specific Roles : 1. Security Firmware Engineer (PSP FW) : - Security Expertise : In-depth understanding of silicon security subsystems, root of trust, TPM/fTPM, and Widevine.- Trusted Applications : Knowledge of trusted applications and handshake protocols.- Security Policy : Familiarity with security policies and their implementation. 2. Power Management Firmware Engineer (PMFW) : - BIOS Expertise : Strong understanding of BIOS architecture, power management, and PCIe.- SoC Power Management : Knowledge of SoC power states, hot-plug, and power optimization techniques.- UEFI and ACPI : Proficiency in UEFI BIOS and ACPI specifications.- AGESA : Experience with AMD Generic Encapsulated Software Architecture (AGESA) is a plus. 3. Memory Firmware Engineer (ABL FW) : - Memory Technologies : In-depth understanding of DDR4, DDR5, and NVDIMM technologies.- DIMM Types : Familiarity with different DIMM types (UDIMM, SODIMM, RDIMM, LRDIMM, LPDDR).- UMC Features : Knowledge of UMC features like ECC, SME, SEV, and RAS. General Responsibilities : - Design, develop, and test firmware for embedded systems.- Analyze system requirements and translate them into firmware specifications.- Collaborate with hardware and software engineers to ensure seamless integration.- Optimize firmware for performance and power efficiency. - Troubleshoot and resolve firmware-related issues.- Stay up-to-date with the latest firmware technologies and industry trends. Required Skills and Experience : Strong C programming skills. Mandatory skills : - Security Firmware called PSP FW (1)- Power Management Firmware called PMFW(1) - Memory Firmware called ABL FW (1- Experience with embedded systems and microcontrollers.- Knowledge of firmware development tools and methodologies.- Ability to work independently and as part of a team. KeywordsFirmware,Embedded System Security,Embedded System,Embedded,BIOS,PCI-e,UEFI,Firmware Security*

Job description Excellent C Programming skills with Linux Operating System. 7+ years strong experience in embedded security. Knowledge on Python and shell scripting Hands on with STM32 platforms with good knowledge on ARM Cortex architecture Experience using the STMCubeIDE, IAR Workbench and Kiel with good debuggingskills Experience in Embedded Security framework like SecureBoot, Secure firmware update, STM32_Secure_Engine, mbedTLS, mbedcrypto, Trusted Firmware, STM32_Key_Management_Services and FreeRTOS etc. Good understanding of HAL and low-layer drivers Good Communication and learning attitude.