About The Team
Join Cloudflare's Security Team in Bangalore. We seek motivated students in Cybersecurity, Computer Science, or Information Systems for a cross-functional role. This position offers hands-on experience across multiple security domains, including GRC, IAM, Appsec, and Sec Arch, to help build a safer internet.
About the role/What You'll Do
- Provide input on security requirements for new infrastructure and engineering initiatives.
- Assist with documentation and maintenance of the corporate security architecture blueprints
- Your focus will be on hardware security ,secure boot processes, side-channel attack mitigation, BIOS level security requirements and cryptographic isolation within devices, etc.
- Partner with hardware and firmware teams to provide security guidance for the design and implementation of security features such as Hardware Root of Trust (RoT), Secure Boot (e.g., UEFI configuration), and hardware-based cryptographic accelerators.
- Define advanced memory protection strategies.
- Collaborate with the Security Detections and Monitoring team to develop telemetry and alerts for detecting unauthorized hardware changes, firmware tampering, or suspicious BIOS/UEFI configuration modifications.
- Define and enforce secure configuration standards for BIOS/UEFI settings, Trusted Platform Modules (TPM), and physical port management (e.g., USB, JTAG, UART) to prevent unauthorized access.
- Coordinate 3rd party hardware and firmware penetration tests, review technical findings, and translate complex vulnerabilities into actionable security requirements for engineering teams.
- Design secure solutions for complex infrastructure problems, such as implementing Zero Trust principles at the hardware level and securing high-performance computing or edge-device integrations.
- Perform regular audits of hardware and firmware environments to identify "configuration drift" where systems have deviated from established security baselines or approved firmware versions.
- Evaluate vendor updates, microcode patches, and vulnerability data (CVEs) to make prioritized risk-based recommendations for patching critical hardware flaws.
- Act as the security liaison between infrastructure, firmware, and other engineering teams to embed "secure-by-design" principles into the early stages of the hardware procurement and development lifecycle.
- Conduct detailed threat modeling sessions specifically focused on physical attack vectors, side-channel attacks, and supply chain integrity risks.
- Provide deep technical expertise during hardware-related security incidents, assisting with forensic analysis of compromised firmware or physical tampering detected by monitoring systems.
- Develop hardware-specific security policies and reference architectures that comply with international standards such as NIST SP 800-193 (Platform Firmware Resiliency).
Requirements
- Either advanced studies in Cybersecurity, Computer Science, Information Systems, or similar
- Excellent written and verbal communication skills, including the ability to effectively collaborate with technical and senior business staff and management.
- 12+ years in a product or embedded security role, with 7+ years as a Hardware Security Architect.
- Expertise in Medium to high-level security concepts, including secure boot, memory protection, and secure element implementation.
- Proficiency with hardware description languages and hands-on experience with hardware/firmware vulnerability assessment and penetration testing.
- Strong knowledge of security standards relevant to device manufacturing and supply chain
Preferred
- Certifications: CSSLP or relevant vendor-specific hardware security certifications.
- Experience with open-source hardware architectures.
Background in securing IoT, industrial control systems (ICS), or consumer electronics devices.
Top Skills
What We Do
Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company on a mission to help build a better Internet. It empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.
Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations – from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.
Why Work With Us
Cloudflare employees come from all walks of life. We are mission-driven, and our team is energized by a collaborative, creative environment that celebrates our differences and fosters new ways to grow together.
Gallery
Cloudflare Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
We are committed to developing a global team that is distributed with a flexible working approach. Doing this equitably and inclusively is essential to our success. Visit our careers site for more on 'How & Where We Work.'
