Firmware Security Engineer

As a Firmware Security Engineer at OnLogic, you will be a vital part of a team dedicated to developing and protecting cutting-edge industrial computing products. You will lead vulnerability management and firmware/software coding tasks for various UEFI/BIOS, BMC, and microcontroller (MCU) applications across our product line, including motherboards and expansion cards. Additionally, you will collaborate with external partners performing BIOS customization for our motherboards. Engaging in end-to-end projects—from vulnerability identification to risk mitigation and validation testing—you will help us securely scale. We are growing at an incredible pace and are looking for a dynamic, dedicated professional to join us.

We believe in the power of in-person collaboration and the benefits of a strong workplace community. Therefore, this role requires an onsite presence at either our South Burlington, VT or Cary, NC office. We highly encourage candidates who are able to relocate or comfortably commute to apply.

In this role, you’ll be responsible for:

• Collaborating with the security team to identify and mitigate firmware vulnerabilities.
• Executing firmware development tasks focused on vulnerability mitigation.
• Partnering with the firmware development team to define precise BIOS specifications.
• Collaborating with external parties throughout the vulnerability management lifecycle.
• Validating the function of firmware and BIOS on hardware prototypes.
• Actively participating in the continuous improvement of the company’s hardware and firmware development processes.
• Driving comprehensive vulnerability lifecycle management.
• Supporting product security initiatives and managing customer communications regarding related issues.

The team you will be joining: 

Our IT team touches every aspect of our business and each of our day to day lives here at OnLogic. Made up of software developers, infrastructure and security experts, systems and network engineers and business technology professionals, our IT team is constantly working to improve our internal systems to make our lives easier, while optimizing our website to do the same for our customers. From the technology we use to do our jobs, to the infrastructure that supports the way we build, test and ship our products, our IT team keeps our business running smoothly.

Learn more about Life at OnLogic: www.onlogic.com/life-at-onlogic

Requirements

• Bachelor's degree or higher in Computer Science, Cybersecurity, Software Engineering, or Electrical Engineering.

• 5+ years of firmware security management experience, preferably in the industrial PC industry working with BIOS/UEFIs.
• Proven expertise in embedded systems security, with a strong focus on threat modeling, risk assessment, and security implementation.
• Strong command of UEFI security standards (e.g., TPM 2.0, Secure Updates , Capsule updates, Secure/Trusted/Measured Boot, Intel BIOS/Boot Guard, Intel PTT, Intel TXT).
• Experience collaborating in a leadership capacity across multiple engineering disciplines, such as mechanical, electrical, firmware, and security.
• Hands-on experience in embedded firmware debugging using JTAG-based debuggers and logic analyzers.
• Deep understanding of the vulnerability lifecycle, including scanning, CVE management, and risk mitigation strategies.
• Ability to collaborate with teammates on the Cybersecurity, Component Engineering, and other engineering teams to implement secure and compliant development processes .
• Capability to contribute to the Firmware Security Development Lifecycle by supporting its development at various stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit.
• Strong background in software development, including proficiency in Python.
• Experience with version control systems (such as Git) and standard software development processes.
• Solid understanding of PC hardware architectures, BIOS, and Linux operating systems.
• Extensive experience with microcontrollers, including their core architecture and operation.
• Familiarity with common security standards and certifications (e.g., Common Criteria, MITRE, FIPS, ISO 27001:2022, IEC 62443).

Who we're looking for:

• You understand the leadership muscles required to effectively guide and inspire teams.
• You are a clear communicator who can provide examples of setting expectations and holding teams accountable to outcomes.
• You have a demonstrated ability to build and develop a high-performing team.
• You are a creative problem solver with innovative ideas to support our shared future growth and success.
• You are a proactive self-starter with the ability to work in a fast-paced environment and think independently.
• You are an effective communicator who can deliver critical feedback constructively while collaborating cross-functionally.
• You are technically adept, embrace innovation and automation, and always approach your work with an eye toward continuous improvement.

Who we are:

OnLogic employees have the opportunity to shape our future and drive impactful change. We design and manufacture specialized computers and hardware solutions for companies all over the world, helping them to make the seemingly impossible possible. Our computers are designed to work where others fail, and it's our vision to be the first choice in industrial computing. To make that vision a reality, we've built a team of ambitious problem solvers, guided by the company's core values of Open, Fair, Innovative, and Independent. We have an open office, open salaries, and strive to be fair and transparent in our decision making. We encourage input and feedback from every member of our team and look to improve ourselves and our business every single day.

Diversity is an essential element of our core values. Not just respecting, but actively embracing a variety of backgrounds, life experiences, and opinions, helps us foster innovation, enhances our problem-solving capabilities, and promotes learning and engagement among the members of our team. We strongly encourage those with diverse backgrounds to apply.

We are committed to providing a safe, inclusive, and harassment-free workplace for all employees. We do not tolerate any form of harassment, discrimination, or bias based on race, ethnicity, gender, sexual orientation, religion, disability, age, or any other protected characteristic.

To learn more about our values, our mission and what it's like to work at OnLogic, visit www.onlogic.com/careers.

Benefits

The salary range for this role is $100,000 to $120,000. We determine final compensation based on discussions with applicants and their experience in similar roles. 

• A competitive salary based upon your experience and the requirements of the role
• A comprehensive benefits package
• 401k Plan with 3% Employer Contribution
• An Annual Profit Share Bonus 
• Paid Maternity & Paternity Leave, and Short & Long Term Disability
• Opportunity to Participate in our Employee Stock Purchase Plan
• A personal development plan created to help you (and us) grow

#LI-HG1 #LI-ONSITE