Security Infrastructure Engineer
Job Summary
Job Description
We are seeking a Security Infrastructure Engineer to evolve the RISC-V ecosystem and build secure-by-design RISC-V based systems. The security team is responsible for defining external and internal interfaces for secure provisioning and trusted computing base (TCB) updates of SOC and platforms. This role involves building security infrastructure services to support secure device provisioning and lifecycle management for the SOC-Integrated Root of Trust (RoT) and managing trusted platform elements. We are looking for individuals at multiple levels, including technical leads, developers, and operators, with experience in this area. The team is committed to open source software and hardware.
Must have:
- Design, develop, deploy security infrastructure services
- Design APIs, protocols, services for asset management
- Develop key generation/management policies
- Interface with manufacturing for provisioning
- Lead SW teams for service components/SDKs
- Operate security infrastructure services
- Full stack development with fault-tolerant systems
- HSM integration and coding
- Experience with remote systems and ATE integration
- Operational experience with HSM, code-signing, access control
- Understand security flows and crypto primitives
- VPN, SSL, secure connection experience
- Proficiency in C/C++/Java or Python
- Technical degree (PhD, Master's, or Bachelor's)
Good to have:
- Experience with software deployment via containers (K8s)
- Experience with RISC-V, OpenTitan, or Caliptra
5 skills required
Job Details
We are working on software, firmware and hardware to evolve the RISC-V ecosystem and build secure-by-design RISC-V based systems.
The security team has the charter to define external and internal interfaces for secure provisioning and trusted computing base (TCB) updates of our SOC and platforms. As part of our work on foundational security and to enable Trusted Execution Environments for RISC-V based platforms, we are building the security infrastructure services necessary to support secure device provisioning and lifecycle management for the SOC-Integrated Root of Trust (RoT), and manage the trusted elements of the platform.
Positions are open for full-time roles at multiple levels in this area, including, for a technical lead capable of designing the overall set of services and developing and deploying the first prototypes, as well as developers and operators who have experience in this area. The team is expected to grow over time to increase development and operational capacity in a scalable manner.
We are big proponents of open source software and open hardware and contribute back improvements to all the great projects we use.
Responsibilities
- Design, develop, and deploy security infrastructure services for key management, manufacturing provisioning, certificate authority, and code signing
- Design and develop APIs, protocols and services for enumeration, configuration and management of platform assets
- Develop policies and procedures associated with key generation/management
- Interface with manufacturing partners to install, troubleshoot and debug security provisioning aspects.
- Interface and lead SW teams to build the components required for hosting the services along with any SDKs required for partners.
- Day-to-day operations of security infrastructure services
Requirements
- Full stack developer with fault-tolerant systems experience and security background
- Hardware security module (HSM) appliance integration and coding for code signing services, secure payload decryption, certificate signing, device ID generation, etc.
- Experience with integrating remote systems with automatic test equipment (ATE)
- Operational experience in deploying and maintaining an HSM, code-signing, access control management, web services deployment, software upgrades, CI/CD flows
- Understanding of security flows, key generation, secure key delivery, access control tokens, key cards, n of m quorums, and other secure processes
- Understanding of crypto primitives such as keys, signatures, certificates, etc.
- VPN, SSL, secure connection experience (programming and configuration)
- Proficiency programming in C/C++/Java or equivalent UI capable language and/or programming in Python or equivalent scripting language
- Experience with software deployment via containers (K8s) a plus
- Experience with RISC-V, OpenTitan, or Caliptra a plus
Education and Experience
- PhD, Master’s Degree or Bachelor’s Degree in technical subject area.
Similar Jobs
bytedance
Singapore (On-Site)
• 6 Months ago
Qualcomm
Bengaluru, Karnataka, India (On-Site)
• 4 Weeks ago
Qualcomm
Iași, Iași County, Romania (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
NVIDIA
Remote, Oregon, United States (Remote)
• 4 Months ago
Salesforce
San Francisco, California, United States (On-Site)
• 8 Months ago
ZeniMax Media
Montreal, Quebec, Canada (On-Site)
• 9 Months ago
bytedance
Seattle, Washington, United States (On-Site)
• 2 Months ago
Epic Games
Vancouver, British Columbia, Canada (On-Site)
• 4 Months ago
Get notifed when new similar jobs are uploaded
Jobs in Santa Clara, California, United States
Hawkeye Innovations
Rosemont, Illinois, United States (On-Site)
• 3 Months ago
Star schema
Brookhaven, Pennsylvania, United States (On-Site)
• 1 Week ago
Ansys
Exton, Pennsylvania, United States (On-Site)
• 1 Month ago
bytedance
San Jose, California, United States (On-Site)
• 7 Months ago
Get notifed when new similar jobs are uploaded
Cyber Security Jobs
Rippling
Seattle, Washington, United States (On-Site)
• 1 Week ago
Netflix
Warsaw, Masovian Voivodeship, Poland (On-Site)
• 4 Months ago
Tide
Lithuania (Hybrid)
• 1 Month ago
Get notifed when new similar jobs are uploaded
