Role : Security Firmware Engineer Job Description: Vertiv Thermal business unit is seeking an Embedded Product Security Engineer to help protect the security and integrity of our embedded thermal firmware platforms and exposed system interfaces across mission-critical infrastructure products. This role is responsible for investigating, analyzing, and resolving security vulnerabilities, supporting regulatory and standards compliance, and partnering with firmware and platform engineering teams to embed security-by-design practices throughout the product lifecycle. The successful candidate will play a key role in ensuring Vertiv products meet evolving cybersecurity expectations while maintaining reliability and performance in critical customer environments. This role offers the opportunity to:
· Influence product-level cybersecurity across thermal embedded platforms.
· Work closely with firmware, controls, and platform engineering teams.
· Contribute directly to security-by-design practices in mission-critical systems. Required Experience
· Bachelor’s degree in Computer Engineering, Computer Science, Electrical Engineering, or a related technical field.
· Experience working with embedded firmware or embedded Linux-based platforms.
· Working knowledge of embedded security concepts, including secure boot, firmware signing, cryptography, and secure update mechanisms.
· Experience investigating or mitigating software vulnerabilities in embedded or product environments.
· Familiarity with networked embedded systems and common protocols (e.g., TCP/IP, TLS, diagnostics interfaces).
· Ability to collaborate effectively with cross-functional engineering, quality, and compliance teams.
· Preferred Experience
· Experience with product cybersecurity standards such as IEC 62443, ISO/SAE 21434, or similar industrial/OT security frameworks.
· Familiarity with SBOM formats and tooling (e.g., CycloneDX, SPDX). Responsibilities
· Investigate reported and internally discovered firmware vulnerabilities across embedded and gateway platforms.
· Perform security analysis of embedded firmware packages, update mechanisms, and exposed interfaces (network, diagnostic, field service).
· Support secure boot, firmware signing, and update validation implementations in collaboration with firmware engineering teams.
· Conduct threat modeling and risk assessments for embedded platforms and interface exposure.
· Drive vulnerability response workflows, including root cause analysis, remediation tracking, and verification.
· Ensure alignment with product cybersecurity standards and regulations, including IEC 62443, ISO 27001, NIS2, and CRA-related obligations.
· Review and maintain SBOMs and supplier security documentation to support compliance and supply-chain security requirements.
· Partner with QA and firmware teams on security testing, validation, and release readiness.
· Contribute to internal security requirements, checklists, and conformance matrices for embedded platforms. Education & Certifications:
Bachelor’s degree or foreign equivalent with strong emphasis on software: Computer Science, Software Engineering, Mechanical Engineering, Electrical Engineering, or Computer Engineering
Requirements 3+ years of experience resolving security issues in embedded firmware 3+ years of experience with Linux-based secure firmware development and testing 3+ years of experience using the C/C++ programming language
Free forever • No spam • Leave anytime