Senior Staff Embedded Linux Security Engineer
Apply NowCompany: CARIAD
Location: Mountain View, CA 94040
Description:
We are CARIAD, an automotive software development team with the Volkswagen Group. Our mission is to make the automotive experience safer, more sustainable, more comfortable, more digital, and more fun. To achieve that we are building the leading tech stack for the automotive industry and creating a unified software platform for over 10 million new vehicles per year. We're looking for talented, digital minds like you to help us create code that moves the world. Together with you, we'll build outstanding digital experiences and products for all Volkswagen Group brands that will transform mobility. Join us as we shape the future of the car and everyone around it.
Role Summary:
As a Senior Staff Embedded Linux Security Engineer, you should have deep expertise in SELinux to join our security team. The successful candidate will be responsible for designing, implementing, and maintaining security measures to protect our embedded Linux-based systems setting up right selinux policy, secureboot, avb. You will work closely with development, operations, and compliance teams to ensure our systems are secure and comply with industry standards and regulations.
Role Responsibilities:
Coding, Integration, and Testing
Cross-Functional Teamwork
General Skills:
Required Specialized Skills:
Desired Skills:
Workplace Flexibility:
Years of Relevant Experience:
Required Education:
Desired Education:
Compensation
Salary range is dependent on factors such as geographical differentials, credentials or certifications, industry-based experience, qualification and training. In the city of Mountain View, California, the salary range for this position is $149,000 - 193,500.
CARIAD, Inc. provides performance based merits and annual bonus along with a competitive benefits package. Benefits include medical, dental, vision, 401k with employer match and defined contribution plan, short and long term disability, basic life and AD&D insurance, employee assistance program, tuition reimbursement and student loan repayment plans, maternity and non-primary caregiver leave, adoption assistance, employee referral program and vacation and paid holidays. We also offer a unique vehicle lease program that covers registration and insurance fees.
CARIAD is an Equal Opportunity Employer. We welcome and encourage applicants from all backgrounds, and do not discriminate based on race, sex, age, disability, sexual orientation, national origin, religion, color, gender identity/expression, marital status, veteran status, or any other characteristics protected by applicable laws.
#LI-TP1
Role Summary:
As a Senior Staff Embedded Linux Security Engineer, you should have deep expertise in SELinux to join our security team. The successful candidate will be responsible for designing, implementing, and maintaining security measures to protect our embedded Linux-based systems setting up right selinux policy, secureboot, avb. You will work closely with development, operations, and compliance teams to ensure our systems are secure and comply with industry standards and regulations.
Role Responsibilities:
Coding, Integration, and Testing
- Design and develop secure boot processes to ensure the integrity and authenticity of firmware and software).
- Develop and implement security architecture for embedded Linux systems, focusing on robust access control, encryption, and secure communication.
- Configure and manage SELinux policies to enforce security at the kernel level.
- Troubleshoot and resolve SELinux-related issues to ensure the smooth operation of security policies.
- Implement secure boot mechanisms to protect against unauthorized firmware and software modifications.
- Implement secure boot mechanisms to protect against unauthorized firmware and software modifications using technologies such as U-Boot, Trusted Platform Module (TPM), and ARM TrustZone.
- OpenSSL and other cryptographic libraries for implementing secure communication and encryption.
- Yocto Project or Buildroot for building custom Linux distributions with security features.
Cross-Functional Teamwork
- Work closely with hardware engineers, software developers and Security team to integrate security throughout the development lifecycle.
- Stay updated with the latest security patches and updates and ensure timely application to embedded systems.
- Create and maintain security documentation, including policies, procedures, and audit findings.
- Continuously optimize hardware and software aspects of display systems for better performance and lower power consumption.
General Skills:
- Analytical and debugging skills.
- Effective written and oral communication skills.
- Collaborate and work with multiple teams across geographies and time zones.
Required Specialized Skills:
- Design, implement, and manage security policies using SELinux.
- Develop and maintain custom SELinux policies to meet the specific needs of various applications and services.
- Conduct security assessments and vulnerability analyses of Linux systems.
- Provide training and guidance to other team members on SELinux and Linux security best practices.
- Proven experience as a Linux Security Engineer with a strong focus on SELinux.
- Familiarity with Android build systems and OTA update mechanisms.
- Proficiency in programming languages such as C, C++, and Java.
Desired Skills:
- Embedded development experience.
- Strong understanding of SELinux architecture, policy writing, and troubleshooting.
- Strong understanding of Android OS architecture and security mechanisms.
- Experience with bootloaders, secure boot processes, and trusted execution environments.
- Experience with cryptographic principles and secure key management.
- Experience with embedded systems and hardware security modules (HSM).
Workplace Flexibility:
- Calls, (virtual) meetings & workshops (overlapping with German business hours as needed) to align with stakeholders and development teams in Germany.
- Occasional international and domestic travel to provide on-site support and planning/integration workshops with our internal and external stakeholders.
Years of Relevant Experience:
- 10+ years embedded systems specialization on Linux security
Required Education:
- Bachelor's Degree in Computer Science, STEM or equivalent professional experience.
Desired Education:
- Master's Degree in Computer Science or other STEM focus areas.
Compensation
Salary range is dependent on factors such as geographical differentials, credentials or certifications, industry-based experience, qualification and training. In the city of Mountain View, California, the salary range for this position is $149,000 - 193,500.
CARIAD, Inc. provides performance based merits and annual bonus along with a competitive benefits package. Benefits include medical, dental, vision, 401k with employer match and defined contribution plan, short and long term disability, basic life and AD&D insurance, employee assistance program, tuition reimbursement and student loan repayment plans, maternity and non-primary caregiver leave, adoption assistance, employee referral program and vacation and paid holidays. We also offer a unique vehicle lease program that covers registration and insurance fees.
CARIAD is an Equal Opportunity Employer. We welcome and encourage applicants from all backgrounds, and do not discriminate based on race, sex, age, disability, sexual orientation, national origin, religion, color, gender identity/expression, marital status, veteran status, or any other characteristics protected by applicable laws.
#LI-TP1