Sr. Embedded Security Engineer
United States of America
Full Time
2 weeks ago
$70 - $85 USD
H1B Sponsor Likely
Key skills
Embedded Linux userspace developmentC++Linux securityChain-of-trustSecure bootOP-TEE Trusted Application developmentREE-TEE integrationlibteectee-supplicantShared memoryOP-TEE secure storageeMMC RPMBYocto/OpenEmbedded integrationKernel integrationU-Boot integrationCertificate provisioningKey provisioningKey lifecycle managementECDSA-P256AES256-ECBSHA256Signature generationDER key formatPEM key formatC
About this role
Yoh, A Day & Zimmermann Company is seeking a Sr. Embedded Security Engineer to work with their embedded software team on the development and maintenance of security architecture for autonomous vehicle compute platforms. The role involves collaborating with engineers to produce secure, maintainable code and implementing key management features.
Responsibilities:
- Work closely with a multidisciplinary team of hardware, software and system engineers to ensure the success of our product and its integration along the way
- Produce high-quality, maintainable code
- Design, bring up, and test the key management features as you implement the secure key management architecture
- Work across technology and team boundaries to ease debugging and deliver features — from userspace, to kernel, to even lower-level components
- Assist in implementing other security functions including HSM firmware development for SecureBoot, Intrusion Detection, and Crypto Acceleration
- Assist in testing and integrating other security functions into Latitude’s development fleets and production integrations
Requirements:
- Strong Embedded Linux userspace development (modern C++)
- Linux security / chain-of-trust / secure boot concepts
- OP-TEE Trusted Application (TA) development
- REE ? TEE integration (libteec, tee-supplicant, shared memory)
- OP-TEE secure storage with eMMC RPMB
- Yocto/OpenEmbedded integration (layers/recipes/images; kernel/U-Boot integration)
- Certificate/key provisioning flows on-device (store/load/verify/backup/restore)
- Key lifecycle management (generation/import/provisioning/storage/rotation/revocation)
- Security Algorithm Knowledge - ECDSA-P256, AES256-ECB, SHA256, Signature Generation, DER/PEM Key Formats, etc
- dm-verity integration (verified rootfs / device-mapper)
- Encrypted storage/filesystems (dm-crypt, LUKS patterns)
- Linux kernel keyring / key handling in Linux
- Boot-time initialization sequencing and optimization
- TI security architecture familiarity (DMSC / TISCI concepts)
- Hardware-backed security / HSM-style integration and key management
- Manufacturing provisioning workflows (device identity, ECU unique certs/IDs)