Job DescriptionThe Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world's biggest challenges.
As a Principal Hardware Security Engineer you will be involved in ensuring that the compute hardware that is used in the Oracle Cloud Infrastructure meets the security bar to ensure compliance with our security posture. You will be get an opportunity to define security requirements for hardware ensuring hardware does not preclude inclusion of security controls essential to meet or exceed our posture. You will work closely across Oracle, with third party vendors, and with standards organization to influence the next generation of hardware platform security. You will also works closely with OCI's operations and engineering teams, constantly striving to improve Oracle Cloud's overall operational security posture by defining the supply chain and operational requirements to establish best practices for managing security for devices in our cloud infrastructure.
Our principal hardware security engineers have a blend of hardware, firmware and security skills.
ResponsibilitiesKey Responsibilities- Definition of security requirements for hardware enabling OCI security posture aligning business needs and technology trends
- Provide independent design consulting in area of expertise to implement:
- requirements specified by the hardware security team
- features required to achieve security bar
- operations (provisioning, re-use, decommissioning) inline with security posture
- Hands on
- security assessments of compute devices to ensure device meets requirements.
- adversarial assessments of compute devices to ensure they can't be compromised.
- Assess risk from findings and threat models and identify proper risk mitigation controls
- Work across to teams to ensure requirements, findings and recommendations are implemented
- Mentor junior engineers
Minimum Qualifications- Bachelor's degree in Electrical Engineering, Computer Science or related field or equivalent experience
- 8-10+ years of experience in hardware security architecture / engineering / validation / planning or related area
- Demonstrated competency in hardware/firmware with a focus on security
- Competency with computer architecture
- Subject Matter Expertise in one the following areas:
- Root Of Trust (TCG SRTM, DRTM)
- x86 (Intel, AMD), ARM server platform architecture, UEFI
- GPU platforms, rackscale systems, clustering
- Baseboard Management Controllers
- SmartNICs (DPUs)
- Storage devices
- Security concepts and standards associated Attestation (Ex: SPDM) and measurements, cryptography, Secureboot, DICE etc.
- Ability to work with most common programming languages (C, C++, Java, Python, Ruby, Go, Rust)
- Ability to read and review hardware schematics for security concerns
- Experience with reversing tools and ability to reverse engineer
Preferred Qualifications- Ability to read and understand x86 and/or ARM assembly language
- Knowledge of vendor-specific TEE technologies such as Intel SGX
- Familiarity with common embedded communications interfaces (SPI, I2C, RS232-style serial)
- Basic knowledge of enterprise and/or datacenter networking architecture
- Experience operating in a large-scale DevOps or CICD environment
- Ability to write clear and concise product security requirements
- Ability to effectively assess risk from findings and threat models and identify proper risk mitigation controls
- Ability to succeed individually or collaboratively, whether working internally or with external organizations and individuals
- Experience working effectively in a large and distributed company
- Excellent organizational, verbal and written communication skills
QualificationsDisclaimer:
Certain U.S. based or U.S. customer or client-facing roles may be required to comply with applicable requirements, such as immunization/occupational health mandates, and/or drug testing requirements.Range and benefit information provided in this posting are specific to the stated locations onlyUS: Hiring Range in USD from: $106,300 to $234,600 per annum. May be eligible for bonus, equity, and compensation deferral.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle US offers a comprehensive benefits package which includes the following:
1. Medical, dental, and vision insurance, including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
9. 11 paid holidays
10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
11. Paid parental leave
12. Adoption assistance
13. Employee Stock Purchase Plan
14. Financial planning and group legal
15. Voluntary benefits including auto, homeowner and pet insurance
The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.
Career Level - IC4
About UsOnly Oracle brings together the data, infrastructure, applications, and expertise to power everything from industry innovations to life-saving care. And with AI embedded across our products and services, we help customers turn that promise into a better future for all. Discover your potential at a company leading the way in AI and cloud solutions that impact billions of lives.
True innovation starts when everyone is empowered to contribute. That's why we're committed to growing a workforce that promotes opportunities for all with competitive benefits that support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing or by calling 1- in the United States.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.