Facebook Hardware Systems Engineer - Security in Helena, Montana
Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.
The Hardware Engineering team designs, builds, brings-up, tests and lands the hardware systems that power the Facebook social network, deployed in our data-centers worldwide. Designs are published for industry adoption through the Open Compute Project Foundation.We are looking for highly skilled engineers with experience in Platform Security Hardware Systems Engineering for our Infrastructure Hardware Engineering team. The ideal candidate will operate in a highly multi-tasked, fast-paced and highly cross-functional engineering environment. They will have hands-on experience with the development and adoption of Platform Security technologies and hardware system design, and with hardware, firmware and software integration for large scale deployments. They will have deep knowledge and experience in the design of scalable and fault-tolerant risk mitigation frameworks for critical hardware infrastructure systems with domain knowledge spanning server, storage and network technology. They will be data-driven and focus on the highest impact they can create as part of a world-class engineering team. This is an opportunity to join our team and help us build some of the world’s most open, efficient and secure hardware platforms.
Collaborate with Hardware Engineering, Firmware and Software Engineering and company-wide infrastructure security teams to develop the hardware roadmaps and specifications for our platform security solutions for hardware systems.
Work hands-on with cross-functional partners to integrate hardware security solutions. This includes integrating systems, achieving stability, performance and power requirements, and driving defects to resolution with our external supply chain and manufacturing partners and internal teams.
Influence the direction of the landscape of platform security through development and collaboration with open-source firmware and hardware communities.
Drive specification, integration and validation of Hardware-Assisted Security features such as Intel TXT, Boot Guard, Verified Boot, Measured Boot and Attestation. In addition to driving specification and development of NIST PFR compliant Hardware Root-of-Trust solutions for datacenter storage, compute and networking appliances.
Perform in-depth analysis of Facebook hardware infrastructure threat vector modeling for current and future Facebook hardware designs and develop technical strategies for Intrusion Detection in platform firmware and peripheral devices.
Engage in vulnerability management for datacenter server, storage and networking systems.
Partner with external vendors on security solutions and security requirements, identify key threats and solutions, and plan and support Penetration Testing.
Coordinate Incident Response activities for critical hardware infrastructure systems.
Partner with Data Center Site Operations teams and NPI tooling teams to understand installation, operation and maintenance considerations within Facebook data centers and incorporate feedback into future hardware designs.
Collaborate closely with software and hardware sub-system subject matter experts to bring disparate technologies together to produce highly efficient, reliable and secure solutions.
Work as part of the Hardware Engineering team to design, develop, test and deploy hardware security solutions for Facebook hardware platforms spanning server, storage and networking.
BS or MS in Computer Science, Computer Engineering, Electrical Engineering or a related technical discipline or equivalent experience.
6+ years of industry experience in Platform Security and Hardware Systems Engineering.
Expert level knowledge in platform security technology, including demonstrable depth in at least two areas out of the following technology domains: Compute Systems, Storage Systems, Networking Systems.
Knowledge of hardware solutions that crosses multiple technology domains and multiple subsystems and experienced in complex, multi-subsystem system-level troubleshooting, system performance analysis, and optimization practices and experience diving into software, firmware and hardware problems (e.g. debug wherever the problem leads and have the confidence to engage cross functional partners to support issue resolution.).
Experience quickly learning new hardware technology, protocols, frameworks and understand firmware and software concerns/requirements.
Experience with deployment of hardware security at scale and identification and resolution planning for hardware threat analysis.
Familiarity with Linux operating system internals (e.g. kernel dev, tracing, profiling, scheduling, IO subsystems), x86-based server hardware, storage, networking and IO stacks, and large-scale Infrastructure automation.
English language communications skills and experience pivoting communication style and depth for the audience.
Detail-oriented with careful and balanced rapid execution in a fast-paced environment.
Domain expertise in Platform Security technologies such as UEFI Secure Boot, Measured Boot, Intel TXT and SGX-TEM, ARM TrustZone etc.
Domain expertise in offensive hardware security techniques such as DMA attacks, TPM Reset attacks, Coldboot attacks, Spectre/Meltdown and Side-channel Analysis.
Experience with CPLD, FPGA and/or ASIC development, specification of silicon level security feature definition and integration of complex logic with firmware.
Experience in specification and development of cryptographic protocols.
In-depth understanding of Platform Security standards and specifications such as TCG, OPAL, NIST 800-193, PKCS and X.509.
Familiarity with OpenTitan, Intel PFR, Microsoft Cerberus and other industry solutions for platform root of trust.
Knowledge of Compute systems and memory buses (DDR4, DDR5, HBM, UPI/QPI, etc.).
Understanding of storage protocols such as: NVMe, NVMeoF, SATA or SAS.
Knowledge of typical system IO and management buses (PCIe, CXL, I2C/SMBus, LPC, etc.).
Experience with typical data center networking technology: Ethernet, IPv4/v6, Infiniband, RoCE, etc.
Experience in firmware development and debugging along with knowledge of system firmware development and system firmware configuration (BIOS, EFI Drivers, coreboot etc.).
Equal Opportunity: Facebook is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Facebook is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at email@example.com.