Lead the architecture, design, and implementation of security features for Linux-based platforms.
Define and enforce the system-wide security model covering boot process, kernel, user-space, and application-level protections.
Develop and maintain Linux kernel security modules and secure access control policies.
Drive implementation of Secure Boot, Measured Boot, and Trusted Boot mechanisms using UEFI, TPM, and cryptographic modules.
Ensure proper hardening of Linux components including kernel configuration, filesystem permissions, device access, and syscall exposure.
Integrate and validate data encryption, key management, and secure storage mechanisms (e.g., dm-crypt, LUKS, eCryptfs).
Work closely with platform, firmware, kernel, and application teams to address security threats, CVEs, and design mitigations.
Define and drive threat modeling, security code reviews, and risk assessments during product development.
Respond to and investigate potential security incidents or vulnerabilities and deliver timely patches or mitigation strategies.
Lead security audits, compliance verification (e.g., CIS, NIST, ISO 27001), and contribution to product certifications.
Contribute to secure OS update strategies and rollback protections.

Required Qualifications:

Bachelors or Masters degree in Computer Science, Electrical Engineering, or a related field.
8+ years of experience in embedded Linux system development with a strong focus on
security
.
Deep understanding of Linux security architecture, UEFI/BIOS, and TPM 2.0 integration.
Hands-on experience with: Integrity Measurement Architecture (IMA/EVM) and LUKS/dm-crypt and fscrypt
Audit subsystem, iptables/nftables, seccomp, and namespaces
Strong experience with Trusted Execution Environments (TEE) and secure key storage (e.g., OP-TEE, TrustZone).
Familiar with CVSS, CVE analysis, patch management, and vulnerability remediation lifecycles.
Knowledge of secure update frameworks (e.g., OSTree, SWUpdate, RAUC, The Update Framework - TUF).

Proficient in C, Python, shell scripting, and security testing tools (auditd, gdb, valgrind, clang static analyzer, etc.)

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.