Apply on Employer Site

Tenstorrent · 2 months ago

Staff Engineer, Platform Security Systems Software

United States

Full-time

Remote

Lead/Staff

$100K/yr - $500K/yr

8+ years exp

Tenstorrent is leading the industry on cutting-edge AI technology, revolutionizing performance expectations, ease of use, and cost efficiency. As a Staff Platform Security Software Engineer, you'll focus on developing and securing the lowest software layers that protect and power AI/ML and general compute devices, working closely with the hardware architecture team to enable a hardware-backed Root of Trust.

AI InfrastructureApplication Specific Integrated Circuit (ASIC)Artificial Intelligence (AI)ElectronicsMachine LearningSemiconductor

Comp. & Benefits

No H1B

U.S. Citizen Only

Responsibilities

Develop and test ROM, bootloader, and run-time firmware for enabling secure boot on security processors and Root-of-Trust devices

Design and implement code-signing, key management, and software release processes that produce secured artifacts across diverse device configurations

Develop and integrate real-time operating systems like TockOS or Zephyr to provide cryptographic, lifecycle, and security-sensitive system services while maintaining the deterministic timing that real-time demands

Create and maintain security documentation including detailed firmware architecture diagrams, security hardening guides, and embedded threat models

Design and develop on-device attestation mechanisms and integrate with external certificate authorities

Provide guidance to development teams on secure coding practices, with emphasis on embedded-specific pitfalls

Work with the hardware security team to shape next-generation secure silicon that software can effectively leverage

Collaborate with the broader RISC-V industry on standardized approaches for Trusted Execution Environments and confidential computing extensions

Partner with third-party security experts to audit and validate firmware, RTOS integrations, and embedded system designs

Qualification

Platform security engineeringEmbedded systemsFirmware developmentSecure bootCode-signingC/C++ programmingRust programmingGo programmingPython programmingCryptographic primitivesRTOS developmentSecurity assessmentsCuriosityRISC-V architecture knowledgeWorking knowledge of TEECommunicationCollaborationProblem-solving

Required

Experienced platform security engineer with 8+ years delivering production security software, including 4+ years focused on embedded systems, silicon devices, and firmware development

Strong coding skills in C, C++, or Rust plus Go or Python

Deep expertise in secure boot, code-signing, and firmware update mechanisms, including hands-on experience with Hardware Security Modules and manufacturing provisioning workflows

Proven experience developing and testing bootloaders like U-Boot or Coreboot

Working knowledge of cryptographic primitives, public key infrastructure, device attestation, and secure computing architectures

Skilled in RTOS development and integration using platforms like TockOS, Zephyr, or similar real-time systems

Experience conducting security assessments and risk analysis for firmware and embedded systems

Excellent communication skills for translating complex hardware security concepts to cross-functional teams

Preferred

RISC-V architecture knowledge is a significant plus, especially experience with TEE standardization, side-channel mitigation, and performance-optimized security implementations

Experience with OpenTitan is particularly valued

Working knowledge of TEE and confidential computing solutions in embedded contexts

Experience with boot ROM development and silicon device bring-up makes you even more valuable