Security Engineer, Hardware Security
Saronic•Washington, DC
8h
About The Position
Saronic Technologies is a leader in revolutionizing autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations through autonomous and intelligent platforms. Security at Saronic is a force multiplier. We're seeking a Security Engineer focused on hardware, embedded systems, and firmware security to own the security posture of Saronic's vessel hardware platforms from silicon to system. You will be the technical authority on hardware root of trust, secure boot, firmware integrity, embedded system hardening, and the security of third-party hardware integrations. Your work ensures that every component on the vessel is resilient against tampering, exploitation, and supply chain compromise, designed in from the start and maintained across the fleet lifecycle.
Requirements
- 10+ years of hands-on experience in hardware security, embedded systems security, firmware security, or a closely related security engineering role
- Deep expertise in hardware hacking techniques including fault injection, side-channel attacks, JTAG/SWD exploitation, bus sniffing/injection, and physical security assessments
- Demonstrated experience designing and implementing secure boot chains, hardware root of trust, and secure firmware update mechanisms in production systems
- Strong experience assessing third-party hardware integrations and evaluating supply chain security risks
- Deep knowledge of embedded Linux security hardening, kernel security, and mandatory access control frameworks
- Experience with operational technology security, industrial protocols, or control system security
- Proficiency in C, C++, Python, or Rust in the context of firmware, embedded, or systems-level security work, and with hardware security testing tools
- Ability to obtain and maintain a security clearance
Nice To Haves
- Experience in defense, aerospace, robotics, autonomy, maritime, or other high-assurance environments
- Experience with autonomous systems, unmanned vehicles, or safety-critical embedded platforms
- Experience with RTOS, microcontroller security, or resource-constrained device environments
- Knowledge of CAN bus, NMEA protocols, maritime communication systems, RF/GPS/GNSS security, or ICS security standards
- Familiarity with defense or safety-critical compliance frameworks (NIST SP 800-53, IEC 62443, Common Criteria, or equivalent)
- Relevant certifications such as OSEE, GXPN, GSE, or hardware-focused credentials
Responsibilities
- Conduct hardware security assessments including fault injection, side-channel analysis, interface evaluation, and bus protocol analysis across Saronic-built and third-party hardware including sensors, radios, navigation systems, propulsion controllers, and communication modules
- Evaluate and harden physical interfaces, debug ports, maintenance access points, and removable media interfaces on vessel hardware
- Evaluate supply chain security risks for hardware components and recommend provenance validation, anti-tamper, and attestation controls
- Develop and maintain a hardware security testing capability including tooling, methodology, and repeatable test procedures
- Design and implement secure boot chains establishing hardware root of trust from power-on through application launch, integrating TPM, secure elements, and HSMs for device identity, key storage, measured boot, and remote attestation
- Design and implement secure firmware update mechanisms including signed updates, rollback protection, and verified delivery across the fleet
- Own the cryptographic key lifecycle for hardware-bound keys, including provisioning, rotation, revocation, and escrow
- Harden embedded Linux systems on vessel platforms, including kernel configuration, mandatory access controls, secure IPC, and attack surface reduction
- Secure operational technology protocols and interfaces used in vessel control systems, propulsion, navigation, and sensor fusion including CAN bus, NMEA, and maritime/industrial communication protocols
- Define security boundaries, trust zones, and segmentation strategies for vessel-internal compute and communication architectures
- Drive threat modeling across vessel hardware subsystems and translate findings into actionable engineering requirements
- Produce secure-by-design reference architectures and define hardware and firmware security standards, testing requirements, and acceptance criteria integrated into engineering workflows
Benefits
- Medical Insurance: Comprehensive health insurance plans covering a range of services
- Saronic pays 100% of the premium for employees and 80% for dependents
- Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care
- Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents
- Time Off: Generous PTO and Holidays
- Parental Leave: Paid maternity and paternity leave to support new parents
- Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses
- Retirement Plan: 401(k) plan with company match
- Stock Options: Equity options to give employees a stake in the companyâs success
- Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage
- Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline
- Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
