Android/ PC Security Researcher (Samsung Knox)

Title: Android/PC Security Researcher (Samsung Knox)

Location: Mountain View, CA

Lab: MPS/ B2B Solutions Lab

Samsung Knox

Samsung KNOX™ ( https://www.samsungknox.com/ ) is Samsung’s guarantee of security, and a secure device gives you the freedom to work and play how, where, and when you want. Samsung Knox consists of a highly secure platform built into Samsung devices and a set of solutions that leverage this platform. Whether you would like to keep your personal photos private, or remotely manage a batch of business smartphones, Knox has you covered.

Come join the Samsung KNOX team and help us define and develop the future core technologies for Samsung devices and services!

Position Summary:

As part of the Knox Security team, security research engineers identify and solve difficult security challenges involving Samsung’s mobile and enterprise laptop products. Team members are typically expert in one or more specialties, and can expect to learn more about other areas from exposure to the rest. Broad areas of work include proposing and prototyping novel security features, researching and architecting hardware-based and software security mechanisms, performing vulnerability assessments, analyzing reported exploits and suggesting ways to strengthen security, and developing automated tools for security analysis of code and binaries. This is an R&D position, and research publications in academic conferences and patents are encouraged.

Responsibilities:

• Propose novel security features at various layers of the stack for Samsung’s smartphones and PCs (hardware-based, UEFI/BIOS, ARM TrustZone, hypervisor, Linux/Windows/Android) to achieve enterprise-level PC/smartphone security and work with product management teams to refine proposals
• Design and architect security features using hardware security features, access control, cryptography, and secure protocol design
• Provide expert security guidance to global development teams and ensure security requirements are met through the development process
• Review existing feature designs and propose enhancements to secure them further
• Perform security assessments of various layers of the software stack
• Use existing tools and develop new tools for automated vulnerability assessment as required
• Keep up-to-date with latest attacks, analyze exploits from any reported incidents, and provide expert security guidance to global development teams to ensure proper fixes for security issues
• Research and innovate security through academic publications in top security and systems conferences and patents

Qualifications:

• Bachelor’s degree in Computer Science / MS /Ph.D. or equivalent combination of education, training, and experience
• 8+ years of experience with computer security issues, as demonstrated by:
  • Conference papers or talks
  • Academic or industry experience
  • Vulnerability disclosures, such as CVEs
  • Tools developed to analyze computer programs
• Professional or practical experience in one or more of the following areas:
  • Ability to securely design and architect features with an understanding of threat and trust models, cryptography, access control, and secure protocol design
  • PC/Windows/Intel Security: An overall understanding of the Windows/PC/Intel hardware and software stack, with deeper technical knowledge of in one or more of the following areas:
    • Windows OS, security threats (malware, ransomware, rootkits) and defenses
    • Hardware technologies such as Intel VT-x, TXT, and CSME, TPM
    • UEFI/BIOS, secure boot, system management mode, hypervisor-based security using Hyper-V or nested hypervisors
  • Android/Linux/Firmware Security: A holistic understanding of the Android/Linux/ARM smartphone hardware and software stack, with deeper technical knowledge in of one or more of the following:
    • Android framework security and internals, SELinux/SEAndroid
    • Linux kernel, drivers, bootloaders, ARM TrustZone, hypervisors
  • Application Security: Knowledge of techniques used for anti-malware, anti-phishing, mobile threat defense (MTD), endpoint detection and response (EDR) systems
  • Understanding of Zero Trust
  • Vulnerability Assessment and Tooling: Knowledge of exploitation techniques, mitigations, and
    • Buffer overflows, return-oriented programming, heap spraying, ASLR, access control
    • Experience using security assessment techniques such as fuzz testing, reverse engineering, static and dynamic analysis, symbolic execution, emulation
    • Ability to use a programming language of choice to write proof-of-concept exploits, patches, and develop new tools for automated testing

Our total rewards programs are designed to motivate and engage exceptional talent. The base pay range for roles at this level is $153,300 and $210,550, but may be higher or lower in other states due to geographic differentials in the labor market. Within the base pay range, individual rates depend on a number of factors—including the role’s function and location as well as the individual’s knowledge, skills, experience, education and training. This is part of our comprehensive compensation package with annual bonus eligibility and generous benefits to help you live life well.

Regular full-time employees (salaried or hourly) have access to benefits including: Medical, Dental, Vision, Life Insurance, 401(k), Employee Purchase Program, Tuition Assistance (after 6 months), Paid Time Off, Student Loan Program (after 6 months), Wellness Incentives, and many more.  In addition, regular full-time employees (salaried or hourly) are eligible for MBO bonus compensation, based on company, division, and individual performance.