Qualcomm Product Security Engineer (US and EU locations) in San Diego, California
Product Security Engineer (US and EU locations)
Qualcomm Technologies, Inc.
CDMA Technology at http://www.qualcomm.com/about/businesses/qct
Engineering - Security
California - San Diego
Job function includes participation in product security incident response, security research on Qualcomm products in detecting and mitigating security vulnerabilities, customer communications on product security related issues. Specific responsibilities may include binary analysis to identify vulnerabilities being used in active exploits; review of resolutions as part of the incident response; assisting customers to adopt security patches; internal vulnerability detection and risk assessment using both manual methods and automated tools; evaluating new technologies/tools to help detect, triage, and mitigate security vulnerabilities; reaching out to security research community and fostering coordinated vulnerability disclosure.
All Qualcomm employees are expected to actively support diversity on their teams, and in the Company.
Applicants should possess at least two years of experience (work or academic) in the field of software security and, specifically, with experience of performing software security audits. Ability to work independently with minimal supervision is a must. Applicants should have expertise or experience in two or more of the following areas:
Binary analysis and malware/exploit reverse engineering
Product security incident response in mobile, embedded device or automotive industry
Secure code review, analysis and vulnerability assessment
Security testing, e.g. fuzzing and pen-testing
Operating system security
Mobile platform security such as Android
Exploit mitigation techniques
The following skills/experience will be considered a plus:
Experience of working with external security researchers
Experience of applying software static or dynamic analysis tools (such as Klocwork, Coverity, LLVM sanitizers and popular fuzzing tools) to large code base for vulnerability detection
Knowledge of the internals of mobile or embedded operating systems
Knowledge of electronic systems in automotive products
Knowledge of wireless communication systems and protocols (CDMA/GSM/UMTS/LTE, WLAN, Bluetooth, NFC, etc)
Knowledge of secure protocols/standards (such as SSL/TLS, PKI, PKCS)Soft skills:
Teamwork across various teams and geolocations.
Able to communicate in English, both verbal and written.
Bachelor degree and above; graduate degree in a security related field of Computer Science, Electrical Engineering or Mathematics is a plus.
EEO Employer: Qualcomm is an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or any other protected classification.