Job Description:

**Job Id** E1954405

**Job Title** Product Security Engineer (US and EU locations)

**Post Date** 10/10/2017

**Company-Division** Qualcomm Technologies, Inc.

CDMA Technology at http://www.qualcomm.com/about/businesses/qct

**Job Area** Engineering – Security

**Location** California – San Diego

**Job Overview** Job function includes participation in product security incident response, security research on Qualcomm products in detecting and mitigating security vulnerabilities, customer communications on product security related issues. Specific responsibilities may include binary analysis to identify vulnerabilities being used in active exploits; review of resolutions as part of the incident response; assisting customers to adopt security patches; internal vulnerability detection and risk assessment using both manual methods and automated tools; evaluating new technologies/tools to help detect, triage, and mitigate security vulnerabilities; reaching out to security research community and fostering coordinated vulnerability disclosure.

All Qualcomm employees are expected to actively support diversity on their teams, and in the Company.

**Minimum Qualifications** Applicants should possess at least two years of experience (work or academic) in the field of software security and, specifically, with experience of performing software security audits. Ability to work independently with minimal supervision is a must. Applicants should have expertise or experience in two or more of the following areas:

+ Binary analysis and malware/exploit reverse engineering

+ Product security incident response in mobile, embedded device or automotive industry

+ Secure code review, analysis and vulnerability assessment

+ Security testing, e.g. fuzzing and pen-testing

+ Operating system security

+ Mobile platform security such as Android

+ Automotive Security

+ Exploit mitigation techniques

+ Threat modeling

**Preferred Qualifications** The following skills/experience will be considered a plus:

+ Experience of working with external security researchers

+ Experience of applying software static or dynamic analysis tools (such as Klocwork, Coverity, LLVM sanitizers and popular fuzzing tools) to large code base for vulnerability detection

+ Knowledge of the internals of mobile or embedded operating systems

+ Knowledge of electronic systems in automotive products

+ Knowledge of wireless communication systems and protocols (CDMA/GSM/UMTS/LTE, WLAN, Bluetooth, NFC, etc)

+ Knowledge of secure protocols/standards (such as SSL/TLS, PKI, PKCS)Soft skills:

+ Teamwork across various teams and geolocations.

+ Able to communicate in English, both verbal and written.

**Education Requirements** Bachelor degree and above; graduate degree in a security related field of Computer Science, Electrical Engineering or Mathematics is a plus.

**EEO employer: including race, gender, gender identity, sexual orientation, disability & veterans status.**

About Qualcomm

Who is Qualcomm, and what do we do? We are engineers, scientists and business strategists. We are from many different countries and speak many different languages. We come from diverse cultures and have unique perspectives. Together, we focus on a single goal—invent mobile technology breakthroughs.