Sr. Embedded Security Engineer
United States of America
Full-time
1 week ago
$70 - $85 USD
H1B Sponsor Likely
Key skills
Embedded Linux developmentLinux security conceptsOP-TEE developmentYocto/OpenEmbedded integrationKey lifecycle managementSecurity Algorithm KnowledgeSoft skillsC++C
About this role
Yoh, A Day & Zimmermann Company is a leading staffing firm, and they are seeking a Senior Embedded Security Engineer to work with their embedded software team. The role involves developing and maintaining security architecture for autonomous vehicle compute platforms, collaborating with a multidisciplinary team, and implementing secure key management features.
Responsibilities:
- Work closely with a multidisciplinary team of hardware, software and system engineers to ensure the success of our product and its integration along the way
- Produce high-quality, maintainable code
- Design, bring up, and test the key management features as you implement the secure key management architecture
- Work across technology and team boundaries to ease debugging and deliver features — from userspace, to kernel, to even lower-level components
- Assist in implementing other security functions including HSM firmware development for SecureBoot, Intrusion Detection, and Crypto Acceleration
- Assist in testing and integrating other security functions into Latitude’s development fleets and production integrations
Requirements:
- Strong Embedded Linux userspace development (modern C++)
- Linux security / chain-of-trust / secure boot concepts
- OP-TEE Trusted Application (TA) development
- REE ? TEE integration (libteec, tee-supplicant, shared memory)
- OP-TEE secure storage with eMMC RPMB
- Yocto/OpenEmbedded integration (layers/recipes/images; kernel/U-Boot integration)
- Certificate/key provisioning flows on-device (store/load/verify/backup/restore)
- Key lifecycle management (generation/import/provisioning/storage/rotation/revocation)
- Security Algorithm Knowledge - ECDSA-P256, AES256-ECB, SHA256, Signature Generation, DER/PEM Key Formats, etc
- dm-verity integration (verified rootfs / device-mapper)
- Encrypted storage/filesystems (dm-crypt, LUKS patterns)
- Linux kernel keyring / key handling in Linux
- Boot-time initialization sequencing and optimization
- TI security architecture familiarity (DMSC / TISCI concepts)
- Hardware-backed security / HSM-style integration and key management
- Manufacturing provisioning workflows (device identity, ECU unique certs/IDs)