Infrastructure Security Engineer
About The Position
Skip is on a mission to make life joyful through powered movement. Movement is a powerful way to build physical, mental and social health. Yet it is elusive for 2 billion people due to age, injury, or disability. We are building products that will restore mobility for millions and enable a new frontier of joyful movement experiences. We want to build a future where a grandparent can easily outrun their grandkids and no one is left behind at the trailhead. Skip is a 24-person early-stage start-up that spun out of Google X in 2023. With deep cross-disciplinary expertise and key partnerships (e.g. with Arc’teryx) we are uniquely positioned to launch the first commercially successful wearable robotic device, the MO/GO, develop a platform to launch future Movewear products and transform millions of lives in the coming years.
Requirements
- 6+ years of experience in infrastructure engineering, platform security, or a combined DevSecOps role
- Hands-on experience designing and operating PKI systems: CA hierarchies, certificate provisioning at scale, key management, and revocation
- Strong GCP or equivalent cloud infrastructure experience (IAM, VPC, Secret Manager, Cloud KMS, audit logging)
- Experience with Infrastructure as Code (Terraform or equivalent)
- Solid understanding of TLS, mTLS, code signing, and secure boot concepts in the context of connected devices or IoT
- Experience with CI/CD security: signing pipelines, artifact attestation, secrets hygiene
- Able to operate independently in a fast-paced environment where the security playbook is still being written
- Ability to relocate to work at the Skip Bay Area office
- Sense of humour, tolerant of Aussie & Canadian spelling
Nice To Haves
- Experience securing IoT or embedded device fleets at scale, including OTA update security
- Familiarity with embedded security primitives: secure elements, TrustZone, TPM, or hardware attestation
- Background in compliance frameworks relevant to connected medical or consumer devices (SOC 2, ISO 27001, FDA cybersecurity guidance)
- Experience with BLE security and wireless protocol hardening
- Experience in start-up environments
- Personal motivation to improve human movement
Responsibilities
- Design and operate Skip's PKI infrastructure -- device certificate provisioning, certificate authority management, key lifecycle management, and revocation -- across our device fleet and cloud services
- Own device identity and secure boot: ensure every MO/GO that leaves our factory is cryptographically authenticated and that firmware updates can only come from Skip
- Harden our GCP infrastructure across networking, IAM, secrets management, and data isolation between Dev and Prod environments
- Build and maintain security tooling for secrets management, vulnerability scanning, dependency auditing, and incident detection
- Define and implement secure OTA (over-the-air) update pipelines that ensure firmware integrity from signing through delivery to device
- Automate infrastructure provisioning and security configuration using Terraform and GCP-native tooling
- Partner with firmware engineers to define embedded security requirements -- secure element usage, TrustZone, attestation -- and ensure cloud-side infrastructure meets them
- Contribute to compliance readiness as we approach regulated market entry, including audit logging, access controls, and data handling practices
- Wear prototypes several hours a week to participate in data collection, test new builds, and provide feedback
- Bring joy to the team, participate in embarrassing team events, tolerate KZ's terrible music choices
Benefits
- equal opportunity employer
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
Education Level
No Education Listed
