Principal Platform Software Security Engineer
San Mateo, CA
We seek a security engineer to spearhead low-level software security initiatives across our current and future PlayStation consoles. You will join an elite team focused on software and hardware security, design and code reviews, penetration testing and system hardening efforts. You will be working to break and secure cutting-edge technology - tackling how to take full advantage of all available resources to maximize security.
Here, you will have opportunities to steer and improve the security throughout the PlayStation platform. The team is involved throughout product development, from early design to production and future updates. From silicon design, to secure boot, to a custom operating system and applications, you will tackle challenging technical security problems at all areas of the console. We are looking for candidates who are excited about diving into a complex system, figuring out all the possible weak points, and designing ways to mitigate or eliminate these risks.
This team sits between security research, design, and development. You will have opportunities to develop security tools, research new ideas, design security systems, as well as find software & hardware vulnerabilities in design and implementation. Finally, you must be able to clearly present your results and findings to development teams or as an executive summary.
If this is you, please apply!
• Discover security issues and improve security for products shipped to over 100M people worldwide
• Design and/or review software security architecture
• Design and/or review hardware security architecture
• Conduct source code security review using dynamic and static analysis tools, and manual review
• Pitch and prototype new security mitigations
• Develop proof-of-concept exploits and validate attack flows
• Develop frameworks to enable full-system security evaluations
• Work closely with development teams during design, implementation and review of new security features
• Evaluate security research and incorporate into our design and review flows
• Triage and evaluate console security issues from external security researchers
• Improve automation of security analysis and review
Required and Nice-to-Have:
• Secure coding, safe computing practices, and code development
• Trusted system design: you are familiar with secure boot, TPMs, and attestation
• Operating system design and security best practices
• Hypervisor design and security best practices
• Hardware security topics such as glitching, side-channel attacks, and JTAG
• Software security topics such as C/C++ security issues and cryptography best practices
• Vulnerability research/assessment: you have discovered subtle vulnerabilities in production code
• Software exploitation and mitigation bypass techniques: you have exploited vulnerabilities on modern systems with layered mitigations
• Cryptography engineering: you have designed and/or reviewed complex systems protected with cryptography
• Security architecture: you have designed and/or reviewed the security architecture for large, complex systems
• x86 and ARM architectures
• Ability to clearly communicate security concerns and collaborate with teams on resolving these concern
Jobcode: Reference SBJ-gmx3y6-3-236-84-188-42 in your application.