Platform Hardware Security

About The Position

Requirements

• 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security)
• Hands-on experience with secure boot, measured boot, and attestation technologies (TPM, Intel TXT, AMD SEV, ARM TrustZone)
• Strong understanding of cryptographic protocols and hardware security modules
• Experience with UEFI/BIOS or embedded firmware security, bootloader hardening, and chain of trust implementation
• Proficiency in low-level programming (C, Rust, Assembly) and systems programming
• Knowledge of firmware vulnerability assessment and threat modeling
• Track record of designing security architectures for complex, distributed systems
• Experience with supply chain security
• Ability to work effectively across hardware and software boundaries
• Knowledge of NIST firmware security guidelines and hardware security frameworks

Nice To Haves

• Experience with confidential computing technologies and hardware-based TEEs
• Knowledge of SLSA framework and software supply chain security standards
• Experience securing large-scale HPC or cloud infrastructure
• Contributions to open-source security projects (coreboot, CHIPSEC, etc.)
• Background in formal verification or security proof techniques
• Experience with silicon root of trust implementations
• Experience working with building foundational technical designs, operational leadership, and vendor collaboration
• Previous work with AI/ML infrastructure security

Responsibilities

• Design and implement secure boot chains from firmware through OS initialization for diverse hardware platforms (CPUs, BMCs, switches, peripherals, and embedded microcontrollers)
• Architect attestation systems that provide cryptographic proof of system state from hardware root of trust through application layer
• Develop measured boot implementations and runtime integrity monitoring
• Create reference architectures and security requirements for bare-metal deployments
• Integrate security controls with infrastructure teams without impacting training performance
• Prototype and validate security mechanisms before production deployment
• Conduct firmware vulnerability assessments and penetration testing
• Build firmware analysis pipelines for continuous security monitoring
• Document security architectures and maintain threat models
• Collaborate with software and hardware vendors to ensure security capabilities meet our requirements

Benefits

• competitive compensation and benefits
• optional equity donation matching
• generous vacation and parental leave
• flexible working hours
• a lovely office space in which to collaborate with colleagues