Staff Platform Software Security Engineer
United States, San Mateo, CA
Applications have closed
PlayStation Global
Erkunde die neue Generation von PlayStation 4- und PS5-Konsolen – erlebe immersives Gaming mit Tausenden Spiele-Hits aus allen Genres, die die Regeln für das, was eine PlayStation-Konsole kann, neu schreiben.Why PlayStation?
PlayStation isn’t just the Best Place to Play — it’s also the Best Place to Work. Today, we’re recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation®5, PlayStation®4, PlayStation®VR, PlayStation®Plus, PlayStation™Now, acclaimed PlayStation software titles from PlayStation Studios, and more.
PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team.
The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.
Staff Platform Software Security Engineer
San Mateo, CA
We seek a security engineer to spearhead low-level software security initiatives across our current and future PlayStation consoles. You will join an elite team focused on software and hardware security, design and code reviews, penetration testing and system hardening efforts. You will be working to break and secure cutting-edge technology - tackling how to take full advantage of all available resources to maximize security.
Here, you will have opportunities to steer and improve the security throughout the PlayStation platform. The team is involved throughout product development, from early design to production and future updates. From silicon design, to secure boot, to a custom operating system and applications, you will tackle challenging technical security problems at all areas of the console. We are looking for candidates who are excited about diving into a complex system, figuring out all the possible weak points, and designing ways to mitigate or eliminate these risks.
This team sits between security research, design, and development. You will have opportunities to develop security tools, research new ideas, design security systems, as well as find software & hardware vulnerabilities in design and implementation. Finally, you must be able to clearly present your results and findings to development teams or as an executive summary.
If this is you, please apply!
Responsibilities:
- Discover security issues and improve security for products shipped to over 100M people worldwide
- Design and/or review software security architecture
- Design and/or review hardware security architecture
- Conduct source code security review using dynamic and static analysis tools, and manual review
- Pitch and prototype new security mitigations
- Develop proof-of-concept exploits and validate attack flows
- Develop frameworks to enable full-system security evaluations
- Work closely with development teams during design, implementation and review of new security features
- Evaluate security research and incorporate into our design and review flows
- Triage and evaluate console security issues from external security researchers
- Improve automation of security analysis and review
Required and Nice-to-Have:
- Secure coding, safe computing practices, and code development
- Trusted system design: you are familiar with secure boot, TPMs, and attestation
- Operating system design and security best practices
- Hypervisor design and security best practices
- Hardware security topics such as glitching, side-channel attacks, and JTAG
- Software security topics such as C/C++ security issues and cryptography best practices
- Vulnerability research/assessment: you have discovered subtle vulnerabilities in production code
- Software exploitation and mitigation bypass techniques: you have exploited vulnerabilities on modern systems with layered mitigations
- Cryptography engineering: you have designed and/or reviewed complex systems protected with cryptography
- Security architecture: you have designed and/or reviewed the security architecture for large, complex systems
- x86 and ARM architectures
- Ability to clearly communicate security concerns and collaborate with teams on resolving these concern
#LI-JM3
Equal Opportunity Statement:
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy or maternity, trade union membership or membership in any other legally protected category.
We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation C C++ Cryptography Exploits Pentesting Security analysis Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs