Security Software Engineer
Responsibilities
Design and develop the end-to-end security architecture for SoC-based products
Secure Boot / Anti-rollback
Key Provisioning / Hardware Root of Trust
Secure Lifecycle State management (LCS) for firmware, keys, and devices
Develop and integrate security modules for firmware and system-level protection
Perform vulnerability analysis, attack-surface evaluation, and memory-protection hardening
Integrate, validate, and optimize hardware cryptographic engines
(AES/GCM engines, TRNG, PKA, RSA, PQC, hash accelerators, secure key storage, etc.)
Develop secure firmware update/rollback policies and product lifecycle controls
Requirements
Strong understanding of embedded security fundamentals: Secure Boot, key management, cryptography
Experience with TLS, X.509, ECC, AES, and cryptographic or security libraries
Proficiency in C/C++ or Rust for secure system software development
Experience analyzing security issues in SoC/FPGA-based systems
Hands-on experience with hardware cryptographic engines and security IP blocks
(AES/GCM, SHA accelerators, TRNG/DRBG, PKA, PUF/HUK, secure key storage, etc.)
Understanding of firmware lifecycle and key lifecycle management
Preferred Qualifications
Experience with TPM, HSM, TrustZone, OP-TEE, or other hardware security architectures
Experience implementing secure firmware signing, provisioning, and deployment pipelines
Background validating cryptographic engines under standards like FIPS 140-3, NIST CMVP
Security engineering experience for AI accelerators, networking chips, or SoCs
Contribute to development practices aligned with standards such as FIPS, PSA Certified, CAVP, CMVP and related industry certifications