We are seeking a Security Firmware Engineer to design, implement, and maintain security‑critical components in embedded firmware for next‑generation storage and controller products. This role focuses on device‑level security , including secure firmware update, lifecycle management, debug port control, Root of Trust (RoT) interactions, and protection of critical assets such as keys, OTP, and credentials. The ideal candidate has strong low‑level firmware expertise combined with hands‑on experience in embedded security architectures and secure system design. Key Responsibilities Security Firmware Architecture & Development Design and implement security layers within device firmware , aligned with product security requirements and ASIC security IP capabilities Integrate firmware with Root of Trust (RoT) subsystems , including support for both hardware‑based and firmware‑based RoT models where applicable. Ensure secure handling of cryptographic material and prevention of unauthorized access. Implement and integrate cryptographic primitives and related authentication and encryption flows used in firmware Work closely with hardware teams to leverage ASIC security IPs, HSMs, and secure key storage . Support security testing, threat analysis, and vulnerability mitigation during development and validation cycles. Participate in design reviews, security assessments, and risk evaluations.
Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, or related field. 5+ years of experience in firmware or embedded systems development. Strong proficiency in C / C++ for low‑level, resource‑constrained environments. Hands‑on experience with embedded security concepts , including secure boot, firmware authentication, cryptography, and access control. Experience working close to hardware (register‑level programming, SoC integration). Experience with Root of Trust (RoT) architectures (HW‑RoT or FW‑RoT). Exposure to flash storage, controller firmware, or SoC‑based embedded platforms . Understanding of secure manufacturing, RMA modes, and field update security . Experience supporting security reviews, internal audits, or SDL processes .
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution. Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at jobs.accommodations@sandisk.com to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.