Responsibilities

• Design and develop the end-to-end security architecture for SoC-based products

  • Secure Boot / Anti-rollback

  • Key Provisioning / Hardware Root of Trust

  • Secure Lifecycle State management (LCS) for firmware, keys, and devices

• Develop and integrate security modules for firmware and system-level protection

• Perform vulnerability analysis, attack-surface evaluation, and memory-protection hardening

• Integrate, validate, and optimize hardware cryptographic engines

• (AES/GCM engines, TRNG, PKA, RSA, PQC, hash accelerators, secure key storage, etc.)

• Develop secure firmware update/rollback policies and product lifecycle controls

Requirements

• Strong understanding of embedded security fundamentals: Secure Boot, key management, cryptography

• Experience with TLS, X.509, ECC, AES, and cryptographic or security libraries

• Proficiency in C/C++ or Rust for secure system software development

• Experience analyzing security issues in SoC/FPGA-based systems

• Hands-on experience with hardware cryptographic engines and security IP blocks

• (AES/GCM, SHA accelerators, TRNG/DRBG, PKA, PUF/HUK, secure key storage, etc.)

• Understanding of firmware lifecycle and key lifecycle management

Preferred Qualifications

• Experience with TPM, HSM, TrustZone, OP-TEE, or other hardware security architectures

• Experience implementing secure firmware signing, provisioning, and deployment pipelines

• Background validating cryptographic engines under standards like FIPS 140-3, NIST CMVP

• Security engineering experience for AI accelerators, networking chips, or SoCs

• Contribute to development practices aligned with standards such as FIPS, PSA Certified, CAVP, CMVP and related industry certifications

Contact

• recruit@furiosa.ai