Senior Edge Engineer - Firmware & MCU

SJE Inc.•Chesterfield, MO

1d•Remote

About The Position

We are looking for a Senior Edge Engineer to help build the next generation engineering team for our AMI Global brand. This role may work remote, but we would prefer a candidate to be near one of our SJE locations. Our AMI brand is a leading IoT connectivity solution for equipment via hardware, SaaS, and software. Its gateways and cloud connected solutions enable real-time monitoring, control, analytics, and commercialization support. We provide integration, development, and go-to-market services. As our Senior Edge Engineer, you will be the team’s depth on bare-metal firmware. Day-to-day that means secure boot, signed firmware, MQTT-over-TLS to the cloud, and the field-side protocol layer (Modbus RTU, plus CAN bus where required) on our current ARM Cortex-M class device. You will work into the team’s embedded-Linux track as our next-generation gateway platform comes online. You will provide occasional mentorship of early-career engineers on cross functional firmware teams within the organization.

Requirements

Reading Modbus RTU timing diagrams on an oscilloscope
Debugging a stuck mutual-TLS handshake on a constrained MCU
Pulling a bricked unit back over JTAG
NXP toolchains (hands-on) or equivalent vendor environments
Production work on secure boot chains, signed firmware, and verified OTA on resource-constrained devices
Integrating hardware secure elements (Microchip ATECC608, Infineon OPTIGA Trust, or similar)
TLS/MQTT on constrained MCUs: mbedTLS, WolfSSL, or comparable
Modbus RTU on bare metal: RS-485 driver, interrupt timing, framing
Working at the bench: oscilloscope, logic analyzer, JTAG/SWD debug, signal-level diagnosis
Embedded firmware (7+ years), fluency in C and modern C++ on ARM Cortex-M class microcontrollers

Nice To Haves

CAN bus on bare metal
Industrial cert experience (FCC, CE, UL)
Manufacturing text fixture or test program design
Industrial or critical-infrastructure deployment experience
Yocto, Buildroot, or other embedded-Linux exposure

Responsibilities

Security uplift on the current device platform: Secure boot, signed firmware images, hardware-rooted key storage (a secure-element companion or equivalent), verified OTA.
A time-boxed feasibility study on cloud protocol: We need to know whether MQTT-over-TLS with mutual auth fits on the existing MCU: footprint, RAM/flash budget, TLS-stack viability. Your finding drives the platform’s edge-protocol decision.
The field-side protocol layer: Modbus RTU primary, CAN bus where required. Clean driver abstraction so adding a new field protocol is additive rather than a fork.
OTA strategy and safety: Bench validation, staged rollouts, rollback, recover. We engineer OTA carefully because a bricked device in a wastewater plant is a contractual problem, not just an inconvenience.
Provisioning and identity: Per-device mutal-TLS credentials, secure key injection at manufacturing, key rotation.