[HGI-News] Hardware Security position at Microsoft..

[hgi-news at lists.ruhr-uni-bochum.de]

Sorry for the many job postings recently. Here is another for a very
interesting security position in the US. If anybody is interested, please
contact Rob McIntosh directly (email is in the cc).

Gruss, Christof Paar
  -----Ursprüngliche Nachricht-----
  Von: Rob McIntosh [mailto:rmcint at microsoft.com]
  Gesendet: Mittwoch, 21. Januar 2004 17:19
  An: Christof Paar
  Betreff: RE: Need your help re Hardware Security @ Microsoft..



  Program Manager(NGSCB - Hardware Security)
  Come work on exciting new initiatives at Microsoft! The security
compliance program manager builds a framework to promote good 3rd party
implementations of our security technology. Specifically, you will be
defining technical requirements for hardware partners who are helping to
build the Next Generation Secure Computing Base (NGSCB,
http://www.microsoft.com/ngscb). NGSCB is new security technology for the
Microsoft Windows platform that uses a unique hardware and software design
to provide strong security and privacy protections in an interconnected
world. Your program will define security compliance requirements for new
hardware components that will support the NGSCB architecture. The components
include chips, motherboards, I/O devices and graphics processors. How do you
help our partners? You have the following responsibilities: Work with the
technical team to develop threat models for NGSCB implementations, identify
and specify mitigating behaviors for these threats, and incorporate these in
technical specifications; ensure that other product documentation, tools and
communications reflect the security compliance program/requirements; build
an overall framework for expressing and evaluating these threats and
mitigations, working with stakeholders to define and set quality bar(s) that
IHV partners could meet prior to receiving enabling technology; determine
how partners would “prove” meeting the quality bars; help drive the test
function’s development of supporting test tools; promulgate information
inside and outside the company; represent the compliance program and its
requirements to internal and external stakeholders, incorporating feedback
in program design and promoting adoption of our framework (this could
include representing the company in a working group of a standards body and
working with OEMs developing NGSCB hardware); work with internal
stakeholders to define and roll out the overall compliance program for
NGSCB, helping set strategy and policy in this area; own the technical
vision for NGSCB security compliance. We’re looking for an experienced
technical Progam Manager with at least an undergraduate degree in computer
science and a minimum of three years working on the Windows client platform
and PC architecture, including involvement shipping hardware product. In
addition to having a strong technical background, this person must be a
self-starter, a strong written and oral communicator, and able to work
effectively across organizations. You will be required to travel ~20% of the
time (mostly domestic). Familiarity with common computer security
attacks/concepts would also be highly beneficial but is not required.

  Bottom Line:

    a.. Advanced degree in electrical engineering (preferred) or computer
science.
    b.. Exp working as a Architect focused on hardware development,
including chips, motherboards, peripheral devices (e.g. input/output devices
like mice, keyboards) and graphics (processor, renderer) and has deep
understanding of how these components interact with operating system.
    c.. Must have exp focusing on PC client architecture; familiarity with
Windows OS a benefit (Security at the OS/Hardware level)
    d.. Participation in standards body would be benficial.
    e.. Candidate has to be willing to be very hands on in development of
technical security requirements, capturing those in documentation
(Architecture & requirements)
    f.. Experience working with external stakeholders (OEMs/ODMs and
hardware partners) on compliance programs will be a distinct advantage.
    g.. Experience working with product groups and product
management/marketing.
    h.. Exp working in a senior role where impacting/infulencing decision
makers/groups without direct authority is a must

  ============================================
  Prof. Christof Paar
  Chair for Communication Security
  Dept. of Electr. Eng. & Information Sciences
  Ruhr-University Bochum
  44780 Bochum, Germany

  URL: www.crypto.rub.de
-------------- nächster Teil --------------
Ein Dateianhang mit HTML-Daten wurde abgetrennt...
URL: <http://lists.ruhr-uni-bochum.de/pipermail/hgi-news-deutschland/attachments/20040122/285d8a60/attachment.html>