< /div>

Security Foundation Engineer

📁
Engineering
📅
JR-0000050969 Requisition #
Western Digital
 
The next big thing in data is you!

You might know Western Digital as a Fortune 150 company, or as the world’s largest maker of hard drives and memory products (we are both of those things). What you may not know is that Western Digital designs, builds, and ships software that reaches over 300 million people every year. That’s a lot of people!


Increasingly software is how people experience hardware. Think about the hardware devices you use; software is likely how you interact with that hardware. We get this. This is why software development is so important at Western Digital. We strive to deliver an amazing hardware and software experience to hundreds of millions of consumers every year; one that is fast, easy-to-use, and most importantly, secure.


Within Western Digital, the Client Solutions Business Unit is creating a personal cloud experience that seamlessly pulls all of your content together (pictures, music, video, documents) and makes it available on any screen, any place and any time. Our services exist across hardware products as well as pure cloud environments and creating and maintaining secure environments is a requirement for anything we do.

 

ESSENTIAL DUTIES AND RESPONSIBILITIES:

As a Security Foundation Engineer at Western Digital, you will work on core software that protects the security of our customers' most important data. In the Client Solutions Business Unit, we're developing products and services that help individuals and organizations encrypt and manage their data across their entire workflow. We know that the largest barrier to an end-to-end encrypted world is ease of use, and we're creating exciting new technologies that will help more people than ever before keep their data safe at all times. Your contributions might help safeguard the next big Hollywood movie, a photojournalist's hard-hitting exposé, archives of sensitive medical and financial data, or someone's next big idea.

 

Working on security software is both challenging and rewarding. You will build foundational systems and frameworks that other engineers in the organization rely upon for the soundness and correctness of the entire system. You will help analyze and choose the tools we use to accomplish this, working with the requirements of the product hardware and client environments. To support our choices and make sure that we're creating the best products we can deliver, you will stay up to date on research in areas such as cryptography, formal methods, programming languages, and software security research. Building secure systems requires an understanding of the risk involved in various components and choices within the system. Working with the rest of the secure platform team, you will help define and implement a layered approach to ensuring confidence in our software, focusing the highest-effort activities where the risk is greatest.

 

As a Security Foundation Engineer, you will be responsible for working on core software from the requirements to verification phases, and supporting our software post-launch to provide new capabilities and protect our users from evolving threats. In order to build trust in our software, we need to communicate about how our software has been designed, developed, and validated. You will be responsible for writing or improving upon the design and implementation documentation for the software you work on, and you should be prepared to communicate and document the choices you've made and to create compelling arguments for the trustworthiness of our products. When we work with external standards such as FIPS 140-2 or Common Criteria, you will help write the formal descriptions of our security models and policies required by these evaluations.

 

As part of a small and dynamic team, the projects that we work on and the tools we use will vary over time. You will have the opportunity to be exposed to all phases of product development, from hardware design to post-launch support. You should be prepared to learn about new tools, technologies, frameworks, languages, and domains, and rapidly translate your learning into results. To illustrate this, some examples of technologies and tools we've developed or applied in the past include:

  • Embedded development for ARM microcontrollers in Java and Kotlin
  • Custom memory-protected operating system design for ARMv7-M MPUs in C
  • Secure bootloaders, secure firmware update mechanisms, and product roots of trust
  • Static analysis and runtime verification for undefined behavior in large C code bases
  • Software and product design using the seL4 microkernel
  • Mission-critical manufacturing automation software in Typed Racket
  • Formal verification of concurrent software design using Promela and the Spin model checker
  • Concolic testing of IP networking stacks using KLEE
  • High-assurance implementations of standard cryptographic primitives including elliptic curve cryptography

The systems we're building and the software we're writing are unlike any we've created before. We want to bring the same level of robustness and design assurance to an even more challenging set of product requirements. While the technologies and tools we use will differ depending on the requirements of the system, these examples should provide some guidance on what you might be working on in the secure platform team.

 

At Western Digital, we have the challenge and the responsibility to help users around the world manage, organize, and protect their most precious memories, data, and information. We want to provide you with the opportunity to help us make good on that responsibility in a diverse, supportive, and high-impact environment. Are you up for it?

 
A Summary of Your Key Responsibilities
  • Collaborate with the secure platform team to specify, design, and deliver foundational security technologies for our products.
  • Participate in the design of cryptographic protocols, the implementation of protocols and of cryptographic primitives, and the design and implementation of isolation mechanisms and policies that enforce the security boundaries of our products.
  • Create formal models of software and system designs, and verify properties of these models using tools such as model checkers, proof assistants, or tools built on SMT solvers.
  • Develop software in multiple languages and for multiple target environments, such as assembly, C, Rust, Java, and Kotlin.
  • Analyze the risk involved in different technical decisions, the risk exposure of various parts of a system, and be able to direct testing or verification effort that is appropriate to the level of confidence that is required for each component.
  • Participate in the creation of requirement and design documentation for system components.
  • Foster and grow a culture of continuous improvement in software methodology, and help hold the group accountable for our stated principles, including with regard to documentation, testing, verification, and continuous integration.
 
QUALIFICATIONS:

If you feel that your background and experience has led you to the point where you want to take on this challenge and responsibility, and you believe you can be successful with the support and mentorship of our leadership, you should apply for this position regardless of your formal qualifications.

  • You should have the ability and inclination to take in new information, learn new concepts, and always seek out opportunities for growth and change.
  • You will need a strong background in mathematical reasoning. To support this, a bachelor's degree in mathematics, computer science, or a related area is strongly preferred, and a higher degree is helpful.
  • It is critical that you be able to reason about the meaning of programs, and to be able to consider the actual semantics of the software you and others write separately from the intended semantics of those programs. A background in programming language theory, compiler design, software security, or software engineering and testing often helps to build this skill.
  • You should understand the various primitives of modern cryptography, such as block and stream ciphers, hash functions, message authentication codes, cryptographically-secure pseudorandom number generators, and key exchange and signature algorithms over finite fields. You should be able to understand how to assemble these primitives into higher-level cryptographic protocols with specific properties.
  • You should have an ability to see a system from an attacker's perspective, and to understand what is possible or not possible with the information available to an attacker.
  • You should specifically have an understanding of the idea of undefined behavior in program semantics, and understand the concepts of partiality and totality.
  • You should be open to understanding the entirety of a system, from block-level hardware design to user experience, and be able to analyze and articulate the tradeoffs involved in software design from multiple perspectives.
  • You should have some experience with formal or semi-formal methods of software engineering.
  • You should understand the idea that errors in software design cost an order of magnitude more to fix than implementation defects, and you should have incorporated this into your approach to writing software.
  • You should be open to suggestions and ideas provided by other members of the team, and be proactive in seeking out input in order to foster a sense of group ownership amongst the entire team.
  • You should understand issues around user privacy, consent, and security, as well as how these affect our incredibly diverse set of users differently.
  • You should be familiar with software security and understand the social dynamics around security researchers, different classes of attackers, and different threat models our users face.
  • And finally, you should understand that you are not working alone, and be able to reach out to others for support and guidance when you need it.
 

ABOUT WESTERN DIGITAL

The future. It’s on you. You & Western Digital.


We’ve been storing the world’s data for more than 50 years. Once, it was the most important thing we could do for data. Now we’re helping the world capture, preserve, access and transform data in a way only we can.


The most game-changing companies, consumers, professionals, and governments come to us for the technologies and solutions they need to capture, preserve, access, and transform their data.

 

But we can’t do it alone. Today’s exceptional data challenges require your exceptional skills. It’s You & Us. Together, we’re the next big thing in data.

 

Western Digital® data-centric solutions are found under the G-Technology™, HGST, SanDisk®, Tegile™, Upthere™, and WD® brands.

 
Western Digital is an equal opportunity employer.

Western Digital does not discriminate on the basis of race, color, ancestry, religion (including religious dress and grooming standards), sex (including pregnancy, childbirth or related medical conditions, breastfeeding or related medical conditions), gender (including a person’s gender identity, gender expression, and gender-related appearance and behavior, whether or not stereotypically associated with the person’s assigned sex at birth), age, national origin, sexual orientation, medical condition, marital status (including domestic partnership status), physical disability, mental disability, medical condition, genetic information, protected medical and family care leave, Civil Air Patrol status, military and veteran status, or other legally protected characteristics. We also prohibit harassment of any individual on any of the characteristics listed above. Our non-discrimination policy applies to all aspects of employment. We comply with the laws and regulations set forth in the "Equal Employment Opportunity is the Law" poster.

Federal and state laws require employers to provide reasonable accommodation to qualified individuals with disabilities.  Please tell us if you require a reasonable accommodation to apply for a job or to perform your job.  Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you need any accommodation or assistance with our career site, please contact us at staffingsupport@wdc.com.


Western Digital participates in the E-Verify program in the US. For more information click hereEste empleador participa in E-Verify.


#LI-VV1

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Milpitas, California, United States

📁 Engineering

Requisition #: JR-0000047130

Milpitas, California, United States

📁 Engineering

Requisition #: JR-0000051113

Milpitas, California, United States

📁 Engineering

Requisition #: JR-0000050363