At Jabil, we strive to make anything possible and everything better. We are seeking a Principal Security Engineer and Security Subject Matter Expert to define the security architecture and strategy for next-generation server platforms. In this role, you will be the technical authority on Platform Root of Trust (RoT), firmware security, and supply chain integrity, guiding a comprehensive 'Security-by-Design' approach.
What You'll Do
- Define the end-to-end secure boot flow and chain of trust hierarchy across BMC, BIOS, RoT, and peripheral devices.
- Lead the strategic roadmap for Post-Quantum Cryptography (PQC) migration, assessing impact on boot time, memory, and hardware accelerators.
- Mandate and guide correct implementation of the security protocols SPDM, MCTP, and PLDM for device attestation and secure communication.
- Lead detailed threat modeling sessions for new platforms to identify attack surfaces and prescribe mitigations.
- Act as the lead for Product Security, assessing CVEs affecting OpenBMC/Linux kernel and driving remediation plans.
- Ensure product architecture aligns with TCG, OCP Security, and FIPS 140-3 requirements.
- Champion adoption of memory-safe languages (e.g., Rust) and modern security practices within the firmware development lifecycle.
- Represent Jabil in OpenBMC Security Working Groups or OCP Security projects; drive upstream contributions for security enhancements.
- Provide expert consultation and mentorship to Lead and Senior engineers in BMC and RoT teams, reviewing critical security designs and code.
What We're Looking For
- Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, or a related field.
- 10+ years of experience in embedded security, platform security, or firmware architecture.
- Proven track record designing secure server platforms or embedded devices from concept to certification.
- Deep understanding of cryptographic algorithms (ECC, RSA, SHA, AES) and their application in hardware (TPM, HSM, Hardware RoT).
- Authoritative knowledge of SPDM (1.0/1.1/1.2), MCTP, Cerberus architectures, and TCG specifications.
- Strong knowledge of hardware security primitives: Physical Unclonable Functions (PUF), TrustZone, SGX, and side-channel attack mitigations.
Technical Stack
- SPDM
- MCTP
- PLDM
- Rust
- OpenBMC
- Linux kernel
- TPM
- HSM
- Hardware RoT
Jabil, including its subsidiaries, is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, disability, genetic information, veteran status, or any other characteristic protected by law.





