Qualcomm Product Security Engineer (US and EU locations) in San Diego, California

Job Description:

Job Id

E1965836

Job Title

Product Security Engineer (US and EU locations)

Post Date

08/07/2018

Company


Division

Qualcomm Technologies, Inc.


CDMA Technology at http://www.qualcomm.com/about/businesses/qct

Job Area

Engineering - Security

Location

California - San Diego

Job Overview

Job function includes participation in product security incident response, security research on Qualcomm products in detecting and mitigating security vulnerabilities, customer communications on product security related issues. Specific responsibilities may include binary analysis to identify vulnerabilities being used in active exploits; review of resolutions as part of the incident response; assisting customers to adopt security patches; internal vulnerability detection and risk assessment using both manual methods and automated tools; evaluating new technologies/tools to help detect, triage, and mitigate security vulnerabilities; reaching out to security research community and fostering coordinated vulnerability disclosure.

All Qualcomm employees are expected to actively support diversity on their teams, and in the Company.

Minimum Qualifications

Applicants should possess at least two years of experience (work or academic) in the field of software security and, specifically, with experience of performing software security audits. Ability to work independently with minimal supervision is a must. Applicants should have expertise or experience in two or more of the following areas:

  • Binary analysis and malware/exploit reverse engineering

  • Product security incident response in mobile, embedded device or automotive industry

  • Secure code review, analysis and vulnerability assessment

  • Security testing, e.g. fuzzing and pen-testing

  • Operating system security

  • Mobile platform security such as Android

  • Automotive Security

  • Exploit mitigation techniques

  • Threat modeling

Preferred Qualifications

The following skills/experience will be considered a plus:

  • Experience of working with external security researchers

  • Experience of applying software static or dynamic analysis tools (such as Klocwork, Coverity, LLVM sanitizers and popular fuzzing tools) to large code base for vulnerability detection

  • Knowledge of the internals of mobile or embedded operating systems

  • Knowledge of electronic systems in automotive products

  • Knowledge of wireless communication systems and protocols (CDMA/GSM/UMTS/LTE, WLAN, Bluetooth, NFC, etc)

  • Knowledge of secure protocols/standards (such as SSL/TLS, PKI, PKCS)Soft skills:

  • Teamwork across various teams and geolocations.

  • Able to communicate in English, both verbal and written.

Education Requirements

Bachelor degree and above; graduate degree in a security related field of Computer Science, Electrical Engineering or Mathematics is a plus.

EEO Employer: Qualcomm is an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or any other protected classification.