ARE YOU THE ONE?

We are looking for a Senior Embedded Security Engineer (OP-TEE & Hardware Security) to take ownership of the secure software and hardware trust layer of our biometric device platform. You will be responsible for developing embedded firmware to run in OP-TEE, implementing trusted execution environments, and ensuring compliance with international data protection and hardware security standards. You will also set up remote attestation pipelines, safeguard biometric data, and help prepare our devices for certification across the UK, EU, and US.
This is a hands-on role — you will be building the secure foundations yourself, not just overseeing. If you have deep expertise in embedded security and want to shape the trust layer of a breakthrough biometric product, this is the opportunity.

SKILLS

• 5+ years of professional experience in embedded systems security.
• Proven track record of working directly with OP-TEE on ARM/embedded platforms.
• Strong embedded firmware development skills (C, C++, Rust preferred).
• Hands-on experience with secure boot, trusted firmware, cryptography, and device attestation.
• Solid background in hardware security: tamper resistance, key storage, side-channel mitigation.
• Deep knowledge of biometric device security considerations (data protection, spoofing resistance, privacy).
• Familiarity with certification requirements: ISO/IEC 30107-3, ISO/IEC 19795, ISO/IEC 24745, FIPS 140-3.
• Experience with Linux kernel development, especially for embedded devices.
• Reproducible build systems (e.g. Yocto, buildroot.)

EDUCATION

• Bachelor’s or Master’s degree in Electrical Engineering, Computer Engineering, Computer Science, or related field.
• PhD in relevant area (trusted execution, embedded security, cryptography) is a plus, but not required.

• Development of embedded firmware and applications to run in OP-TEE on ARM-based embedded platforms.
• Implement secure boot, firmware integrity protections, and hardware-backed key management.
• Design and integrate remote attestation workflows with external device attestation services.
• Ensure device security aligns with GDPR, UK Data Protection Act, US biometric privacy laws, and certification standards (ISO/IEC, FIPS).
• Develop layered tamper-prevention strategies (hardware and software).
• Architect methods for running ML models securely inside TEE, protecting sensitive model elements.
• Collaborate with hardware, firmware, and compliance teams to pass required certifications.
• Produce technical security documentation and support regulatory audits.