Embedded Device Security Engineer

Verily is an Alphabet company combining a data-driven, people-first approach to bring the promise of precision health to everyone, every day.

Our team combines expertise in healthcare, data science and technology to improve the health and well-being of our communities. We are developing the infrastructure and solutions to harness the profusion of health information for good. Our data-driven solutions span three primary areas: research, care and innovation. Programs include Project Baseline - our research initiative to increase participation and evidence generation in clinical research; Onduo - our personalized virtual care platform, which includes connected tools, lifestyle coaching and clinical support; and Debug - our effort to reduce the threat of mosquito-borne diseases by combining machine learning with sterile insect technique. We’re also actively working to combat the spread of COVID-19 through new programs like Healthy at Work. 

Description

Verily Information Security team's mission is to secure Verily products and services. We work with many partner teams including Quality, Legal and Compliance and Cloud Security to ensure security policies and best practices are followed. Our products meet or exceed the security and privacy compliance bar, and Verily is in the forefront of securing healthcare systems and devices.

Verily Information Security team is looking for an embedded Linux engineer who also has experience in security. The person will closely work with product teams to implement device security features, which includes, but not limited to: secure boot, LUKS encryption, hardware TPM, OTA updates, SSH certificate management and process isolation (e.g., Docker). Eventually the person is expected to lead the development of a secure embedded platform that subsumes aforementioned security features.

Responsibilities

• Work with product teams to develop device security features.
• Foster sharing of common security features across multiple device projects.
• Lead the development of a secure embedded platform for future projects.

Qualifications

Minimum Qualifications: 

• Prior experience in embedded Linux bring up, preferably Yocto.
• Prior experience with secure boot process, either UEFI or U-BOOT.
• Prior experience in volume encryption, in particular LUKS and key management.
• Prior experience in hardware TPM, in particular TPM 2.0.

Preferred Qualifications:

• Familiarity with cryptography (e.g., RSA, AES, HMAC, ECDSA, ECDH).
• Familiarity with SSH certificate management.
• Familiarity with OTA updates, both application and OS.
• Familiarity with process isolation through Docker or similar technologies.