Product Security Engineer - Cryptography and PKI

1X Technologies ASSan Carlos, CA
2d$137,861 - $240,000Onsite
Match Resume

About The Position

Product Security Engineer, Cryptography & PKI San Carlos, CA (on-site) About 1X We build humanoid robots that work alongside people to solve labor shortages and create abundance. The Role As a Product Security Engineer specializing in cryptography and PKI, you will build and scale the cryptographic infrastructure that secures 1X’s robots and communications. Your work will ensure trust, integrity, and long-term security across the company’s hardware and software systems.

Requirements

  • Strong experience with cryptography, PKI design, and key management
  • Experience working with hardware security modules (HSMs), including vendor selection, integration, and root‑of-trust establishment
  • Familiarity with remote device attestation frameworks (such as fTPM, OP‑TEE, or similar)
  • Demonstrated ability to design and scale secure firmware signing and code signing pipelines
  • Proven track record in defining and enforcing trust policies (key generation, rotation, destruction) and provisioning mechanisms
  • Experience securing build/artifact pipelines and developing secure communication protocols
  • Ability to work cross‑functionally with hardware, software, security operations, and infrastructure teams
  • High attention to detail, strong problem solving, with a mindset of anticipating vulnerabilities and designing defendable systems

Nice To Haves

  • Vendor-specific HSM credentials or labs (Thales, Utimaco, AWS CloudHSM)
  • NVIDIA Orin or similar SoC platform experience
  • Background in post-quantum crypto evaluation and migration planning
  • Familiarity with large-scale factory provisioning tools (KMIP gateways, ACME/SCEP)
  • ProdSec/supply-chain security expertise (SBOMs, CI/CD hardening)
  • Experience in C/C++/Rust/GoLang (in addition to Python / Bash)
  • GoLang preferred

Responsibilities

  • Design and manage end-to-end cryptographic services, including PKI and key lifecycle management
  • Establish HSM infrastructure as the root of trust for firmware signing and IoT authentication
  • Lead the evaluation, procurement, configuration, and integration of HSM vendor solutions
  • Architect scalable key management systems for future growth
  • Design remote device attestation mechanisms leveraging technologies such as fTPM or OP-TEE
  • Build and automate secure pipelines for firmware and bootloader signing
  • Define infrastructure and policies for author key provisioning, rotation, and destruction
  • Secure build systems and code-signing workflows
  • Develop factory provisioning architecture for mass key and certificate distribution
  • Support secure communication protocol development
  • Collaborate with cross-functional teams including Product Security, Cloud Infrastructure, Device Engineering, and SecOps

Benefits

  • Health, dental, and vision insurance
  • 401(k) with company match
  • Paid time off and holidays

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

101-250 employees

Job Search Resources

Similar Product Security Engineer - Cryptography and PKI job opportunities

Cryptography PKI Engineer
BNY
BNY • Lake Mary, FL7d
Cryptography PKI Engineer
BNY Mellon
BNY Mellon • Pittsburgh, PA7d
Cryptography PKI Engineer
BNY Mellon
BNY Mellon • Pittsburgh, PA7d
PKI Senior Security Engineer
The Cigna Group
The Cigna Group • Bloomfield, CT3d
Identity Security - PKI Engineer
Intel
Intel • Chandler, AZ12d • Hybrid
Lead, PKI Security Engineer
Prudential Financial
Prudential Financial • Newark, NJ6d
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service