Android/PC Security Director (Samsung Knox)

Title: Android/PC Security Director (Samsung Knox)

Location: Mountain View, CA

Lab: MPS/ B2B Solutions Lab

Samsung Knox

Samsung KNOX™ ( https://www.samsungknox.com/ ) is Samsung’s guarantee of security, and a secure device gives you the freedom to work and play how, where, and when you want. Samsung Knox consists of a highly secure platform built into Samsung devices and a set of solutions that leverage this platform. Whether you would like to keep your personal photos private, or remotely manage a batch of business smartphones, Knox has you covered.

Come join the Samsung KNOX team and help us define and develop the future core technologies for Samsung devices and services!

Position Summary:

This is a senior-level position to frame the strategy for the next evolution of Samsung Knox’s security and to lead related projects. At Samsung Knox, we identify and solve difficult security challenges involving Samsung’s mobile and enterprise laptop products. Broad areas of work include proposing and prototyping novel security features, researching and architecting hardware-based and software security mechanisms, performing vulnerability assessments, analyzing reported exploits and suggesting ways to strengthen security, and developing automated tools for security analysis of code and binaries.

Responsibilities:

• Set a strategy and vision for the next evolution of Samsung Knox’s security products on mobile and enterprise laptops
• Provide security thought leadership throughout Samsung
• Reach agreement on direction with multiple stakeholders
• Lead security projects and manage teams of security engineers
• Keep up-to-date with latest security trends, and provide expert security guidance to global development teams to ensure proper fixes for security issues
• Research and innovate security through academic publications in top security and systems conferences and patents

Required Qualifications:

• 10+ years of related experience in a professional role with a Bachelor's degree; or 8+ years with a Master's degree; or 5+ years with a PhD; or equivalent experience.
• Experience as a tech lead or a security architect and previous research experience with computer security
• Demonstrable experience with computer security issues, as demonstrated by:
  • Conference papers or talks
  • Academic or industry experience
  • Vulnerability disclosures, such as CVEs
  • Tools developed to analyze computer programs
• Ability to securely design and architect features with an understanding of threat and trust models, cryptography, access control, and secure protocol design

Professional experience in one or more of the following areas:

• PC/Windows/Intel Security: An overall understanding of the Windows/PC/Intel hardware and software stack, with deeper technical knowledge of in one or more of the following areas:
  • Windows OS, security threats (malware, ransomware, rootkits) and defenses
  • Hardware technologies such as Intel VT-x, TXT, and CSME, TPM
  • UEFI/BIOS, secure boot, system management mode, hypervisor-based security using Hyper-V or nested hypervisors
• Android/Linux/Firmware Security: A holistic understanding of the Android/Linux/ARM smartphone hardware and software stack, with deeper technical knowledge in of one or more of the following:
  • Android framework security and internals, SELinux/SEAndroid
  • Linux kernel, drivers, bootloaders, ARM TrustZone, hypervisors
• Application Security: Knowledge of techniques used for anti-malware, anti-phishing, mobile threat defense (MTD), endpoint detection and response (EDR) systems
• Understanding of Zero Trust
• Vulnerability Assessment and Tooling: Knowledge of exploitation techniques, mitigations, and
  • Buffer overflows, return-oriented programming, heap spraying, ASLR, access control
  • Experience using security assessment techniques such as fuzz testing, reverse engineering, static and dynamic analysis, symbolic execution, emulation
  • Ability to use a programming language of choice to write proof-of-concept exploits, patches, and develop new tools for automated testing

Our total rewards programs are designed to motivate and engage exceptional talent. The base pay range for roles at this level is $201,400 and $312,850, but may be higher or lower in other states due to geographic differentials in the labor market. Within the base pay range, individual rates depend on a number of factors—including the role’s function and location as well as the individual’s knowledge, skills, experience, education and training. This is part of our comprehensive compensation package with annual bonus eligibility and generous benefits to help you live life well.

Regular full-time employees (salaried or hourly) have access to benefits including: Medical, Dental, Vision, Life Insurance, 401(k), Employee Purchase Program, Tuition Assistance (after 6 months), Paid Time Off, Student Loan Program (after 6 months), Wellness Incentives, and many more.  In addition, regular full-time employees (salaried or hourly) are eligible for MBO bonus compensation, based on company, division, and individual performance.