Sr. Embedded Security Engineer
About The Position
SPAN is enabling electrification for all by designing, building, and deploying products that electrify the built environment, reduce carbon emissions, and slow the effects of climate change. The company focuses on enabling homes and vehicles powered by clean energy, making electrification upgrades possible, building more resilient homes with reliable backup, and designing a flexible and distributed electrical grid. We are looking for a hands-on individual with a security engineering mindset to join us as a Senior Embedded Security Engineer as part of the Security team at SPAN. In this role, you will directly influence the security of software across our entire hardware product line. We are looking for someone with a proven track record of building and deploying hardware security technologies who can bring deep expertise to our expanding ecosystem.
Requirements
- 6+ years of professional experience in hardware security, embedded systems engineering, or a closely related field.
- Advanced hands-on experience configuring and deploying specialized security hardware, including TPMs and HSMs.
- Strong programming proficiency in C/C++, Rust and Python for developing secure, high-performance software and automation tools.
- Demonstrated experience designing, architecting, and implementing security solutions at the operating system level.
- Core expertise in bare-metal embedded systems development and firmware security.
- Familiarity with building and configuring custom Linux distributions using Yocto Linux.
Nice To Haves
- Applied cryptography and cryptographic service infrastructure
- Operating system security and OS-level hardening
- Secure / Authenticated boot flows
- Hardware Security Modules (HSMs) and Trusted Platform Modules (TPMs)
Responsibilities
- Architect and develop robust security infrastructure, including cryptographic services and other security-critical components.
- Implement secure and authenticated boot flows to ensure device and firmware integrity from power-on.
- Design and secure Over-the-Air (OTA) update systems, ensuring robust encryption, cryptographic signing, authentication, and anti-rollback protections for remote deployments.
- Design and integrate security provisioning protocols into the factory manufacturing process.
- Establish secure device identities and root-of-trust architectures utilizing onboard hardware security modules (HSMs/TPMs).
- Design and implement secure debug architectures to safeguard physical and logical interfaces (e.g., JTAG, SWD, UART) against unauthorized access and reverse engineering.
- Harden Linux and POSIX-based operating systems to minimize attack surfaces and secure the software stack.
- Rapidly prototype new security features, helping to identify vulnerabilities, design mitigations, and test continuous security improvements.
Benefits
- Competitive compensation + equity grants at a well-funded, venture-backed company
- Comprehensive benefits: 100% employee premiums for base plans on medical, dental, vision with options for additional coverage.
- Parental leave up to twenty four (24) weeks depending on eligibility
- Flexible hours
- one holiday per month
- flexible time off
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
