Role Overview
This position is the primary technical authority for platform security, responsible for shaping the security vision across next-generation server systems. The Principal Security Engineer establishes security architecture and strategy, embedding protection into design from the earliest stages. The role ensures systems are resilient against current and emerging threats, including the future impact of quantum computing, while aligning with standards from NIST, OCP, and the Trusted Computing Group.
Key Responsibilities
- Design and validate secure boot sequences, ensuring a robust chain of trust spanning BMC, BIOS, Root of Trust (RoT), and connected peripherals.
- Develop and guide the roadmap for transitioning to Post-Quantum Cryptography, evaluating performance and hardware implications of algorithms such as ML-KEM and ML-DSA.
- Analyze how cryptographic changes affect embedded environments, particularly in memory usage, boot latency, and accelerator integration.
- Enforce and support implementation of SPDM, MCTP, and PLDM protocols to enable secure device attestation and communication.
- Lead threat modeling exercises to uncover vulnerabilities in new hardware platforms and define effective countermeasures.
- Oversee product security efforts, including evaluation of CVEs in OpenBMC and Linux kernel components, and direct remediation strategies.
- Ensure designs comply with TCG, OCP Security, and FIPS 140-3 requirements throughout the development lifecycle.
- Promote the use of memory-safe programming languages like Rust and integrate modern security practices into firmware development workflows.
- Represent the organization in industry forums such as OpenBMC Security Working Groups and OCP Security projects, contributing security improvements upstream.
- Advise senior and lead engineers on security-critical designs and code, providing technical oversight for BMC and RoT implementations.
Required Qualifications
- Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, or a related technical discipline.
- Minimum of 10 years of experience in embedded systems security, platform-level security, or firmware architecture.
- Proven experience in designing and delivering secure server or embedded platforms from concept through certification.
- Strong command of cryptographic methods including ECC, RSA, SHA, and AES, with practical application in hardware-based security modules such as TPM, HSM, and Hardware RoT.
- Deep expertise in SPDM (versions 1.0 to 1.2), MCTP, Cerberus, and TCG specifications.
- Familiarity with hardware security technologies such as Physical Unclonable Functions (PUF), TrustZone, SGX, and defenses against side-channel attacks.
Technical Environment
The role operates across a range of advanced security technologies including SPDM, MCTP, PLDM, OpenBMC, Linux kernel, TPM, HSM, Hardware RoT, PUF, TrustZone, SGX, Rust, and Post-Quantum Cryptography (PQC) with ML-KEM and ML-DSA. Work aligns with standards from NIST, OCP, and TCG, and with FIPS 140-3.