The Netflix Device Partner Security team coordinates with internal and external partners to ensure the security of our subscribers and the Netflix streaming/gaming ecosystem. Internally, we work cross-functionally to ensure that partner and device security interests are well represented in product/feature discussions and implementations. Externally, we work closely with our ecosystem partners to jointly understand and navigate the security-related complexities of a rapidly evolving multi-tenant device ecosystem. We are deeply technical and highly collaborative. Much of our work, both internal and external, is accomplished through influence. Security technology is evolving, and so are we. We're constantly learning. Click here () to listen to a Podcast on our Streaming Security team (episode 9).
We're looking for an exceptional security software engineer to join the Device Partner Security team at Netflix. In this role, you will be responsible for the security of Netflix streaming and gaming devices. You will work directly with SoC vendors and device manufacturers to design and secure their systems, and you will use your influence and expertise to proactively address new threats as they arise. You will prototype and implement device security firmware that runs in the application, OS, hypervisor, and Trusted Execution Environment (TEE). This role involves significant international travel (typically at least one week per quarter, assuming travel remains safe). In addition to major SoC vendors, you'll maintain technical security relationships with device OEMs/ODMs, IP vendors, DRM vendors, Conditional Access vendors, set-top box integrators, TV operators, and mobile device vendors throughout the world. In some cases relationships are well established, and you will immediately be influential. In others, you and your teammates will establish and then build these relationships. In this role, you will be an influential security researcher, implementer, and expert whose impact will be evident in devices you see all around you.
- You are curious by nature, and have an established track record of self-directed learning.
- You have significant embedded development experience, and you are experienced in and passionate about security.
- You have a good understanding of operating system functionality, and you know how to think systematically about threats and mitigations.
- You have a good high-level understanding of cryptographic methods, and you have the ability to analyze cryptographic constructs to determine whether they meet stated security objectives, or you have a strong desire and aptitude to learn.
- You are strong in C and/or C++, and you want to design and implement code that runs at the most privileged system levels.
- You have a good understanding of (or a strong desire to learn about) embedded system hardware architecture, and in particular, security-related aspects of the hardware.
- You enjoy solving challenging problems, and you think figuring out how to hack things is interesting and fun.
- You are comfortable working with others who may challenge your views, and you like the idea of traveling internationally and experiencing other cultures.