At Jabil we strive to make ANYTHING POSSIBLE and EVERYTHING BETTER. We are proud to be a trusted partner for the world's top brands, offering comprehensive engineering, manufacturing, and supply chain solutions. With over 50 years of experience across industries and a vast network of over 100 sites worldwide, Jabil combines global reach with local expertise to deliver both scalable and customized solutions. Our commitment extends beyond business success as we strive to build sustainable processes that minimize environmental impact and foster vibrant and diverse communities around the globe.

Job Summary

As a Principal Security Engineer and the designated Security Subject Matter Expert (SME), you will define the security architecture and strategy for our next-generation server platforms.

You will serve as the technical authority on Platform Root of Trust (RoT), firmware security, and supply chain integrity. In this high-impact role, you will look beyond individual components to orchestrate a comprehensive "Security-by-Design" approach, guiding engineering teams to implement industry-leading standards (NIST, OCP, TCG) and ensuring our platforms are resilient against advanced cyber threats,including future quantum computing risks.

Job Responsibilities

Security Architecture & Strategy

• Architectural Authority: Define the end-to-end secure boot flow and chain of trust hierarchy across BMC, BIOS, RoT, and peripheral devices.
• PQC Migration Strategy: Lead the strategic roadmap for Post-Quantum Cryptography (PQC) migration. Assess the impact of PQC algorithms (e.g., ML-KEM, ML-DSA) on boot time, memory constraints, and hardware accelerators in embedded environments.
• Protocol Governance: Mandate and guide the correct implementation of security protocols, specifically SPDM (Security Protocol and Data Model), MCTP, and PLDM for device attestation and secure communication.

Risk Management & Compliance

• Threat Modeling: Lead detailed threat modeling sessions for new platforms to identify attack surfaces and prescribe mitigations.
• Vulnerability Management: Act as the lead for Product Security, assessing CVEs affecting OpenBMC/Linux kernel and driving remediation plans.
• Standards Alignment: Ensure product architecture aligns with TCG (Trusted Computing Group), OCP Security, and FIPS 140-3 requirements.

Leadership & Innovation

• Security Advocacy: Champion the adoption of memory-safe languages (e.g., Rust) and modern security practices within the firmware development lifecycle.
• Open Source Engagement: Represent the company in OpenBMC Security Working Groups or OCP Security projects; drive upstream contributions for security enhancements.
• Mentorship: Provide expert consultation to Lead and Senior engineers in the BMC and RoT teams, reviewing critical security designs and code implementations.

Job Qualifications

Education & Experience

• Bachelor’s or Master’s degree in Computer Science, Electrical Engineering or related field.
• 10+ years of experience in embedded security, platform security, or firmware architecture.
• Proven track record of designing secure server platforms or embedded devices from concept to certification.

Technical Mastery (Principal Level)

• Cryptographic Expertise: Deep understanding of cryptographic algorithms (ECC, RSA, SHA, AES) and their application in hardware (TPM, HSM, Hardware RoT).
• Protocol Expert: Authoritative knowledge of SPDM (1.0/1.1/1.2), MCTP, Cerberus architectures, and TCG specifications.
• Hardware Security: Strong knowledge of hardware security primitives: Physical Unclonable Functions (PUF), TrustZone, SGX, and side-channel attack mitigations.

BE AWARE OF FRAUD: When applying for a job at Jabil you will be contacted via correspondence through our official job portal with a jabil.com e-mail address; direct phone call from a member of the Jabil team; or direct e-mail with a jabil.com e-mail address. Jabil does not request payments for interviews or at any other point during the hiring process. Jabil will not ask for your personal identifying information such as a social security number, birth certificate, financial institution, driver’s license number or passport information over the phone or via e-mail. If you believe you are a victim of identity theft, contact your local police department. Any scam job listings should be reported to whatever website it was posted in.

Jabil, including its subsidiaries, is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, disability, genetic information, veteran status, or any other characteristic protected by law.

Accessibility Accommodation

If you are a qualified individual with a disability, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access Jabil.com/Careers site as a result of your disability. You can request a reasonable accommodation by sending an e-mail to Always_Accessible@Jabil.com with the nature of your request and contact information. Please do not direct any other general employment related questions to this e-mail. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to.

#whereyoubelong