Principal Security Firmware Architect

About the Role

As a leader/team member in Security Firmware Architecture, you will drive balanced, scalable, and automated solutions. In this high visibility position, your software systems engineering expertise will be necessary towards product development, definition, and root cause resolution.

What You Will Do

Lead the architecture and design of secure embedded firmware solutions, ensuring robust protection against vulnerabilities and threats.

Develop and implement security microarchitectures, leveraging advanced cryptographic techniques and protocols.

Collaborate with cross-functional teams to integrate security features into embedded systems, ensuring compliance with industry standards and best practices.

Conduct thorough security assessments and threat modeling to identify and mitigate potential vulnerabilities in firmware designs.

Mentor and guide junior engineers in best practices for secure firmware development and cryptographic implementations.

Stay abreast of emerging security technologies and trends, and evaluate their applicability to our products and solutions.

Drive the adoption of secure coding practices and tools, including static and dynamic code analysis, to enhance the security posture of our firmware.

Work closely with hardware teams to interpret board schematics and data sheets, ensuring seamless integration of security features.

Lead initiatives to enhance systems management and security in data center environments, focusing on server components and management protocols.

Champion the implementation of Secure Boot, SPDM, Root of Trust, TCG DICE, and NIST 800-193 standards across our product lines.

Collaborate with industry partners and stakeholders to advance security features in Baseboard Management Controllers (BMC) and associated protocols.

Experience with OCP S.A.F.E. audits is preferred.

What You Bring

Bachelor's in Electrical Engineering, Computer Science, Computer Engineering, or related technical discipline

12+ years of experience in BMC development including developing industry standard security practices, secure architecture and tools (alternatively 10+ years with an MS degree)

Extensive experience in embedded firmware development, with a focus on security and cryptography.

Deep knowledge of embedded protocols such as I2C, I3C, SPI, USB, PCIe, and others.

Proven experience in both bare metal and OS-based embedded firmware development, including RTOS, embedded Linux, and Uboot.

Strong expertise in security microarchitecture and design, with a focus on cryptographic algorithms and protocols (CIA, Certificates, PKI, SHA, ECC, HMAC, AES).

Demonstrated ability to identify and address security vulnerabilities in embedded systems.

Familiarity with industry-standard static and dynamic code analysis tools such as Coverity.

Knowledge of code composition tools such as Black duck or equivalent is plus.

Ability to read and interpret complex board schematics and data sheets.

Experience with systems management in data center environments, including server components and management protocols.

Familiarity with Secure Boot, SPDM, Root of Trust, TCG DICE, and NIST 800-193 standards.

Experience with Baseboard Management Controllers (BMC), Redfish, PLDM, Yocto, and OpenBMC software stack.

Knowledge of any specific FPGAs security features is a plus.

Excellent communication and leadership skills, with the ability to work effectively in a dynamic and collaborative environment.

Self-starter with the ability to work independently and drive projects to completion.

About ZT Systems

At ZT Systems, you’ll get to do work you are proud of alongside smart, passionate people. Every day, there are opportunities to collaborate with the best in the industry to design, build, and deliver impactful solutions to world-class customers. Along the way, you will gain hands-on experience in a face-paced environment that’s challenging, rewarding, and career-defining.

A culture built around our values we work hard and think fast. We view challenges as opportunities—to do better, push harder, and be faster than we were the day before. When we fail, we learn from it and move on together. And when we succeed, we use the momentum to go even further. We create value with everything we do, building the foundation of today—and transforming the future of tomorrow.

Join ZT Systems and help us build technology infrastructure that connects the world.

What We Offer

When you join ZT, you’ll enjoy a range of world-class, inclusive employee benefits designed to grow with you and our company. From competitive compensation to 401K matching to comprehensive health & wellness programs and tuition reimbursement, ZT Systems offers industry leading benefits packages for eligible employees designed to help you get the most out of life.

ZT Group Int’l. is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. ZT Systems provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Please be aware that certain positions may require the applicant to either 1) be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or 2) be eligible to obtain an export control license or license exception from the Bureau of Industry and Science & U.S. Department of Commerce. All offers of employment will be conditional subject to the foregoing.

R-104350