Director of System Architecture - Connected Water Metering Products

About The Position

Requirements

• Bachelor's or Master's degree in Electrical Engineering, Computer Engineering, Computer Science, or equivalent experience.
• 10+ years in systems engineering, software systems, embedded systems, or IoT product development, with at least 3 years in a systems architect or principal engineer role.
• Hands-on experience with constrained embedded/firmware environments (RTOS, bare metal, C/C++) and cloud-connected IoT protocols (MQTT, AMQP, CoAP, LWM2M).
• Experience with cloud infrastructure and services (AWS preferred), including containerized workloads, API management, and data ingestion pipelines.
• Deep knowledge of PKI, X.509 certificates, TLS/DTLS, secure boot, code signing, HSMs, and secure element integration for high-volume manufacturing.
• Experience authoring formal systems engineering artifacts: SRS, ICD, architecture decision records, FMEA, threat models, and verification and validation plans.
• Demonstrated experience structuring product development so that requirements, design decisions, and the tests that verify them are defined and maintained together throughout the program, not bolted on at the end.
• Experience with RF communication technologies relevant to AMI/AMR (e.g., 900 MHz mesh, LoRa, NB-IoT, LTE-M) and associated link-layer security considerations.
• Strong written communication skills; this role produces specifications, not just slides.

Nice To Haves

• Background in utility metering, smart grid, water/gas/electric AMI, or industrial IoT product development.
• Familiarity with SOC2 (Type I/II), ISO 27001, GDPR, CCPA and other standards.
• Experience with IEC 62443 or NERC CIP for operational technology cybersecurity, or NIST 800-82.
• Exposure to manufacturing line security station integration (HSM-backed key injection, test fixture interfaces, MES integration).

Responsibilities

• Define and maintain the holistic system architecture spanning water meter firmware, RF/cellular gateway collectors, cloud headend services, APIs, and supporting IT infrastructure. Identify and resolve cross-domain interfaces and integration points early in the product lifecycle.
• Author and maintain system-level specifications for new product development, including system requirements specifications (SRS), interface control documents (ICDs), hardware/firmware/software architecture documents, and operational concepts. Ensure traceability from customer requirements through design to test.
• Design and specify the end-to-end PKI and key management architecture for device identity, covering device certificate provisioning during manufacturing, secure key injection processes, certificate lifecycle management, trust hierarchies (root CA, intermediate CA, device certificates), secure boot chain-of-trust, firmware signing, and code signing for distributed mobile and desktop applications. Define manufacturing-line integration specifications to ensure cryptographic material is provisioned correctly and auditably at scale.
• Establish and enforce security architecture across the product stack, including secure boot, authenticated and encrypted OTA firmware update, mutual TLS for device-to-cloud communication, secure element and TEE integration where applicable, and headend access controls. Support threat modeling and drive security requirements into design across firmware, software, and infrastructure teams.
• Define and own a disciplined system verification and validation strategy in which every customer and system requirement is explicitly tied to a test that proves it works, from unit and integration tests at the component level through subsystem qualification, full system testing, and end-to-end field acceptance. Drive the creation of test specifications across firmware, software, RF communication, headend integration, and security properties.
• Work closely with product managers, firmware engineers, hardware engineers, manufacturing operations, UX/UI designers, and other stakeholders to ensure all systems meet business objectives and deliver a seamless end-to-end product experience. Serve as the technical authority across firmware, software, hardware, manufacturing, and DevSecOps teams. Lead architecture reviews and design critiques. Support the CTO on technology strategy, platform roadmap decisions, and technical risk identification for new product programs.
• Stay current with emerging technologies in IoT, embedded security, cloud infrastructure, and connected device ecosystems. Bring innovative solutions to complex system challenges and continuously evaluate opportunities to improve Neptune's product architecture, development processes, and manufacturing integration.