Skip to content
Senior Software Engineer – Device Security
| Company | Humane |
|---|
| Location | San Francisco, CA, USA |
|---|
| Salary | $216000 – $288000 |
|---|
| Type | Full-Time |
|---|
| Degrees | |
|---|
| Experience Level | Senior |
|---|
Requirements
- 6+ years of experience in secure programming in embedded system, AOSP, or Windows environments, primarily in C, C++, or Java.
- Strong understanding of general embedded systems security concepts, including establishing roots of trust, secure boot, cryptography, PKI, or application sandboxing.
- Experience in firmware security, OS-level security, or network security.
- Demonstrated ability to architect and lead multi-disciplinary projects from concept to deployment.
- Experience in designing secure interfaces with biometric sensors, custom PKI handling, or factory flow processes.
- Ability to work closely with cross-functional teams to assess attack surface and threat models across many different features.
- Deep understanding (OR deep desire to learn) of cryptography, security, and privacy theory and practices.
Responsibilities
- Lead the design and implementation of embedded device security architecture from the ground up. This includes using the best industry standard cryptography practices for things like secure key management systems, hardware secure boot, PKI, efficient encryption of data, and more.
- Collaborate cross-functionally with the CoreOS, Firmware, Design, and Cloud Services teams to create robust security features.
- Develop custom TrustZone or native kernel applications to enhance hardware-backed identity solutions and data protection.
- Work on high-profile projects, such as secure channels between devices, protecting personal data, and automatic theft detection; which all require secure and efficient data handling.
- Interface with biometric sensors to create secure channels for data flow inside and outside device boundaries.
- Assist in vulnerability management, and apply secure SDLC practices across the company.
Preferred Qualifications
- Background in embedded systems like consumer electronics, IoT, medical, or payment devices or systems.
- Experience with AOSP and Linux security, including TrustZone, TEE, AVB, Keystore, and SELinux.
- Experience with privacy compliance standards like GDPR, CCPA, HIPAA, or ISO.
