Hardware Security Architect R&D (M/F)
Les Clayes-sous-Bois (Yvelines)
Job description
Eviden is an Atos Group business with an annual revenue of circa € 5 billion and a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 55,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.
Product Security makes an increasing use of cryptographic keys to secure firmware and management software. Each new chip comes with its own hardware security mechanisms to support secure boot and secure firmware upgrade. As an integrator of these chips, a vendor must maintain a consistent approach to these security features, from design and development to manufacturing.
The protection of the vendor keys is of utmost importance to the security of the supply chain and the trust our customers can have in the security of our products. To achieve high level of security, the use of hardware security modules (HSM) in the development infrastructure is mandatory. They are also used to provision unique device secrets during manufacturing of Eviden products, more specifically all the BullSequana servers, from Edge to Enterprise and High-Performance Computing (HPC) , as well as Quantum Learning Machine (QLM) .
The Hardware Security Architect will interact with:
· The different Product managers who are the stakeholders responsible for the delivery of the products to Eviden’ customers.
· Product R&D teams to ensure smooth integration with the security features that they are developing.
· The HSM Integration team to organize the development of the necessary features to support hardware security functions in the products.
· The Chief Product Security Officer (CPSO) who is responsible for the overall governance of Product Security Implementation in Eviden’s delivered products.
The Hardware Security Architect:
· Specifies the security features in Eviden’s products and contributes to the elaboration of their development roadmap.
· Specifies the Key Management aspects of the security features developed in Eviden’s products.
· Supervises the development of the proxy framework around the HSMs, which is interacting with the different development frameworks
Key competencies:
· Advanced knowledge of Public Key Infrastructure (PKI)
· Knowledge on security concepts for administrators (data, web and network security, disaster recovery plans, risk analysis) especially those useful in a production environment
· Knowledge on hardware security features like HSM, TPM, TEE, Roots and Chains of trust, device attestation, UEFI Secure Boot, etc.
· Fluent written and spoken English
Nice to have:
· Knowledge of scripting languages, especially bash.
· Knowledge of cryptographic key manipulation with tools like openssl.
· Knowledge of pkcs11-tool and PKCS11 interface.
· Knowledge of the cybersecurity tools and best practices
· Experience in Cybersecurity area: access control, encryption/ discovering & managing vulnerabilities/ collecting & analyzing events.
Let’s grow together.