Product Security Engineer

About The Position

Requirements

• Experience developing for embedded systems and Linux platforms in C, C++
• Strong knowledge of cryptographic theory and engineering including encryption, hashing, signing, digital certificates and hardware security modules (HSMs)
• Building internal security applications with cryptographic guarantees such as firmware encryption and signing, custom developer enablement tools, secure asset provisioning, etc.
• Experience aligning embedded product security practices with regulatory and compliance requirements (EU CRA, NIST, ISO 27001, IEC 62443 or similar frameworks)
• Experience implementing IP protection and anti-tamper mechanisms in embedded systems, including secure boot enforcement, firmware encryption, and hardware debug port protection
• Experience mitigating dependency or code-level defects including memory-management issues, input validation, timing attacks, broken authentication, side channels.
• Experience with computer networking with a focus on security and IOT applications
• Bachelor's degree in Computer Science, or equivalent.
• 6 or more years of industry experience working in firmware development with a focus on security.

Nice To Haves

• A master’s degree is beneficial

Responsibilities

• Architecting and designing products to guarantee secure practices, data confidentiality, system integrity
• Engineering and implementing ARM Trust Zone secure applets, implementing a cryptographic IOT device identity and root of trust
• Streamlining secrets, key management, cryptography, and credential management
• Defining Security requirements and conducting security assessments
• Architect and implement protections for intellectual property, including anti-reverse engineering, secure firmware distribution, and debug interface lockdown
• Ensure compliance with applicable security regulations and standards (e.g., EU CRA, ETSI EN 303 645, NIST) and support audits and certifications
• Advising engineering peers on security matters in the form of architectural guidance, code/design reviews, and solution development
• Improving vulnerability discovery, patching process, and leading responses to external security threats
• Code independently with minimal oversight and design system architecture with guidance
• Collaborating with cross-functional teams like product firmware, devops, cloud engineering, manufacturing, and program management.
• Performing security testing on products and supporting with the security fix implementations
• Designing and maintaining private X.509 and JWK chains of trust used for validating authenticity of portable audio devices
• Stay up-to-date on security news, relevant technologies, plug into user groups, understand trends and security opportunities
• Be a stakeholder on interdisciplinary teams advocating for security

Benefits

• Competitive salary, benefits, and pension
• A culture of excellence, respect, opportunity and passion for innovation
• Our compensation is thoughtfully tailored to your skills, experience, education, and location, and goes beyond base salary.
• In addition to competitive base pay we offer rewards including bonus programs, comprehensive health and welfare benefits, a 401(k) plan, plus exclusive perks designed to support your wellbeing, and a generous employee discount where you can immerse yourself in our products and experiences.