[Tier 1 半導體設計公司]Senior DevSecOps and Embedded Build Engineer_Taipei

Role Objective Own CI/CD and test infrastructure for embedded firmware. Drive DevSecOps integration, secure build/release workflows, and process robustness while mentoring junior engineers. Key Responsibilities Architect and maintain scalable firmware build and release pipelines for embedded platforms. Lead DevSecOps integration: SAST, DAST, SBOM & license compliance, CVE scanning/third‑party risk, artifact signing & delivery validation. Design and implement automated test execution on real hardware (sanity, regression, secure‑boot validation). Mentor junior build engineers; improve reliability, quality, and coverage across pipelines. Align with Security, IT, and Firmware teams on the company’s Secure SDL. Maintain embedded test lab assets (DUT automation, serial log capture, board provisioning). Monitor CI health, resolve bottlenecks, and continuously improve stability and test coverage. Minimum Qualifications M.S. in EE/CS (3+ years relevant experience) or Ph.D. in related field. Hands‑on with embedded build systems (Yocto, Buildroot, CMake, cross‑compilers). Proficient in Python and Bash for CI automation and test harnesses. Strong grasp of secure software delivery, SBOM, SAST, and CVE tracking. Experience with CI/CD platforms (GitLab CI, Jenkins) in firmware/embedded domains. Knowledge of embedded Linux, bootloaders (e.g., U‑Boot), and board bring‑up/debug. Preferred Qualifications Experience with security compliance tools (SPDX, Trivy, Black Duck, OSS Review Toolkit). Familiarity with image signing, secure‑boot chain validation, and hardware root of trust. Background in firmware QA automation or HIL test frameworks. Strong cross‑functional communication and technical leadership. Experience scaling/managing embedded validation labs. Qualcomm Linux experience is a strong plus. Comfortable in globally distributed, cross‑disciplinary teams.