PlayStation isn’t just the Best Place to Play —it’s also the Best Place to Work. We’ve thrilled gamers since 1994, when we launched the original PlayStation. Today, we’re recognized as a global leader in interactive and digital entertainment. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.
Principal Platform Software Security Engineer
San Mateo, CA
We seek a security engineer to spearhead low-level software security initiatives across our current and future PlayStation consoles. You will join an elite team focused on software and hardware security, design and code reviews, penetration testing and system hardening efforts. You will be working to break and secure cutting-edge technology - tackling how to take full advantage of all available resources to maximize security.
Here, you will have opportunities to steer and improve the security throughout the PlayStation platform. The team is involved throughout product development, from early design to production and future updates. From silicon design, to secure boot, to a custom operating system and applications, you will tackle challenging technical security problems at all areas of the console. We are looking for candidates who are excited about diving into a complex system, figuring out all the possible weak points, and designing ways to mitigate or eliminate these risks.
This team sits between security research, design, and development. You will have opportunities to develop security tools, research new ideas, design security systems, as well as find software & hardware vulnerabilities in design and implementation. Finally, you must be able to clearly present your results and findings to development teams or as an executive summary.
If this is you, please apply!
- Discover security issues and improve security for products shipped to over 100M people worldwide
- Design and/or review software security architecture
- Design and/or review hardware security architecture
- Conduct source code security review using dynamic and static analysis tools, and manual review
- Pitch and prototype new security mitigations
- Develop proof-of-concept exploits and validate attack flows
- Develop frameworks to enable full-system security evaluations
- Work closely with development teams during design, implementation and review of new security features
- Evaluate security research and incorporate into our design and review flows
- Triage and evaluate console security issues from external security researchers
- Improve automation of security analysis and review
Required and Nice-to-Have:
- Secure coding, safe computing practices, and code development
- Trusted system design: you are familiar with secure boot, TPMs, and attestation
- Operating system design and security best practices
- Hypervisor design and security best practices
- Hardware security topics such as glitching, side-channel attacks, and JTAG
- Software security topics such as C/C++ security issues and cryptography best practices
- Vulnerability research/assessment: you have discovered subtle vulnerabilities in production code
- Software exploitation and mitigation bypass techniques: you have exploited vulnerabilities on modern systems with layered mitigations
- Cryptography engineering: you have designed and/or reviewed complex systems protected with cryptography
- Security architecture: you have designed and/or reviewed the security architecture for large, complex systems
- x86 and ARM architectures
- Ability to clearly communicate security concerns and collaborate with teams on resolving these concern
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to race, color, religion, gender, pregnancy, national origin, ancestry, citizenship, age, legally protected physical or mental disability, covered veteran status, status in the U.S. uniformed services, sexual orientation, marital status, genetic information or membership in any other legally protected category.
Reasonable Accommodation Notice Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.
We sincerely appreciate the time and effort you spent in contacting us and we thank you for your interest in PlayStation.
PRIVACY NOTICE TO SIE LLC’S JOB APPLICANTS
This Privacy Notice explains what personal information we at Sony Interactive Entertainment LLC collect from you, and why we collect it and use it. This Notice covers our practices regarding the personal information of all applicants to our job positions. Please review it carefully.
Categories of personal information we collect from you
We collect personal information about you throughout the recruiting process, in particular the following categories. Generally, we obtain this information through our Recruiting Team:
A. Identification and contact information
- Direct identifiers such as your first and last name.
- Indirect identifiers such as a government ID, your Social Security, work permit or passport #.
- Contact information such as your email address, mailing address, telephone number.
B. Other information about you or that can be associated with you such as:
- Sensitive/Protected Data. During the recruitment process, you may (voluntarily) provide us with your ethnicity, gender, military service information, or physical or mental health information, as well as your national origin and citizenship.
- Professional or job position-related information, including your past professional experience, references; background verification; talent management and assessment; information regarding any conflicts of interests; and the terms and conditions of your job offer.
- Non-public education information, including information about your education records, such as grades and transcripts.