We are seeking a
Security Firmware Engineer
to design, implement, and maintain security‑critical components in embedded firmware for next‑generation storage and controller products. This role focuses on
device‑level security
, including secure firmware update, lifecycle management, debug port control, Root of Trust (RoT) interactions, and protection of critical assets such as keys, OTP, and credentials.
The ideal candidate has strong
low‑level firmware expertise
combined with hands‑on experience in
embedded security architectures
and secure system design.
Key Responsibilities
Security Firmware Architecture & Development
Design and implement
security layers within device firmware
, aligned with product security requirements and ASIC security IP capabilities
Integrate firmware with
Root of Trust (RoT) subsystems
, including support for both hardware‑based and firmware‑based RoT models where applicable.
Ensure secure handling of cryptographic material and prevention of unauthorized access.
Implement and integrate cryptographic primitives and related authentication and encryption flows used in firmware
Work closely with hardware teams to leverage
ASIC security IPs, HSMs, and secure key storage
.
Support
security testing, threat analysis, and vulnerability mitigation
during development and validation cycles.
Participate in design reviews, security assessments, and risk evaluations.
Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, or related field.
5+ years of experience
in firmware or embedded systems development.
Strong proficiency in
C / C++
for low‑level, resource‑constrained environments.
Hands‑on experience with
embedded security concepts
, including secure boot, firmware authentication, cryptography, and access control.
Experience working close to hardware (register‑level programming, SoC integration).
Experience with
Root of Trust (RoT)
architectures (HW‑RoT or FW‑RoT).
Exposure to
flash storage, controller firmware, or SoC‑based embedded platforms
.
Understanding of
secure manufacturing, RMA modes, and field update security
.
Experience supporting
security reviews, internal audits, or SDL processes
.
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at
jobs.accommodations@sandisk.com
to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
