At eero, we work to make your network fast, reliable, and secure. With security embedded in every layer of our design, eero is a product built for security – including an in-house operating system, a suite of consumer security features, no legacy support for weak protocols, and automatic software updates. The product security team is responsible for ensuring that each new product and feature we ship is rock-solid, and that all of our products continue to get more secure over time. We build everything from the hardware to the wireless protocols to the mobile app to the cloud, and we maintain security for our customers and millions of connected devices.
As a Product Security Engineer, you will advise on security issues as a consultant to other teams, as well as develop, test, and harden features for new and existing products. You will be an early hire in a small team, with a range of responsibilities and the freedom to work across a number of projects, and across our entire technology stack.
What you'll do:
Coach engineering teams on secure engineering practices.
Design and execute tests for new hardware and software through the product development lifecycle, including automating security feedback through the CI process.
Own or implement security fixes in response to reported vulnerabilities.
Design and build new security features and enhancements to existing products and services.
Participate in the design of new hardware and software to identify security issues and suggest improvements.
We’re looking for someone who:
Are competent or adept in 1 - 2 (or more!) programming languages, including some combination of Go, Python, and C.
Are knowledgeable about networks and relevant security considerations. Comfort with iptables/ipchains/some equivalent is recommended.
Are knowledgeable about the Linux security model and hardening considerations, such as ASLR, DEP, SELinux, grsecurity, etc. - Debian expertise is a plus.
Have experience building or breaking embedded systems, drivers, or operating systems.
Have 3+ years experience in security engineering, or engineering with a meaningful security focus.
+ Bonus Points if you:
Have experience with WiFi security primitives such as the four-way handshake and simultaneous authentication of equals.
Have experience with secure boot, ARM architecture & TrustZone, and/or TPMs and Secure Elements
Have experience designing, implementing, or attacking radio and wireless interfaces.
We encourage candidates to apply if they meet many but not all of the above requirements, but have a keen interest in the growth areas and the work that eero does.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.