Embedded Security Engineer
Saronic
Austin, United States
November 01, 2025
Apply NowEmbedded Security Engineer
Austin, Texas
Cybersecurity /
Full Time /
On-site
Saronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms.
Saronic Technologies is a leader in defense autonomy at sea. We’re seeking
an Embedded Security Engineer to design, implement, and harden security
for the software that runs on our autonomous surface vessels. You’ll work
across device identity, secure boot and update flows, secrets/key management, and secure communications—partnering closely with autonomy, platform, manufacturing, and field teams to deliver trustworthy systems that operate reliably in maritime environments.
Senior Engineers: 3+ years of experience delivering security features on
embedded/Linux systems, preferably in autonomy, robotics, aerospace, or
defense.
Staff Engineers: 8+ years of experience including technical leadership
across secure boot/update pipelines, identity/PKI, and fleet-wide hardening;
demonstrated ownership of mission-critical features from design through
field deployment.
Key Responsibilities:
- Design, develop, and maintain security features for embedded Linux systems (systemd-managed services, Rust/C/C++) used for navigation, control, and communications.
- Own per-vessel identity and mutual authentication for boat↔cloud and boat↔boat links; implement certificate/key rotation and revocation workflows.
- Implement signed/verified update mechanisms with rollback protection; collaborate with manufacturing on secure boot enablement and key provisioning.
- Integrate and operate hardware-backed key storage (e.g., TPM/secure elements) and sealed secrets for on-vessel services.
- Harden network paths over constrained links: TLS/mTLS, VPN overlay policies, and least-privilege service access.
- Reduce attack surface in embedded services (capabilities, seccomp/AppArmor where appropriate, safe process execution, input validation).
- Build tamper-evident, structured logging and diagnostics suitable for ship→shore analysis and incident response.
- Perform threat modeling, code reviews, and security testing (static/dynamic analysis, fuzzing, negative testing).
- Troubleshoot and debug complex security issues in fielded systems; author runbooks and safe-rollback procedures.
- Document designs, processes, and verification results for compliance and knowledge sharing; contribute to secure coding guidelines.
- Stay current on emerging security technologies and best practices relevant to embedded Linux and autonomous systems.
Required Qualifications:
- Bachelor’s or Master’s degree in Computer Science,
- Electrical/Computer Engineering, Software Engineering, or a related field.
- Proficiency in Rust and/or C/C++ developing software for embedded Linux.
- Strong understanding of cryptographic primitives and protocols (keys, certificates, signatures, TLS/mTLS), and experience integrating them into systems.
- Experience with secure/verified boot, OTA/update safety, and firmware/bootloader workflows.
- Familiarity with VPN overlays and constrained-network security patterns.
- Comfortable with Linux security fundamentals (users/permissions, capabilities, sandboxing) and systemd-based service management.
- Excellent problem-solving skills and ability to collaborate effectively in na fast-paced, cross-functional environment.
- Strong written and verbal communication skills.
- This role requires the ability to obtain and maintain a security clearance
Preferred Qualifications:
- Experience with TPM/secure elements, measured/verified boot, and attestation.
- Exposure to NixOS-based builds, Yocto, or similar embedded Linux tooling.
- Experience with authenticated media/telemetry pipelines and secure streaming.
- DoD/defense domain familiarity and prior work under export-controlled constraints.
Physical Demands:
- Prolonged periods of sitting at a desk and working on a computer.
- Occasional standing and walking within the office.
- Manual dexterity to operate a computer keyboard, mouse, and other office equipment.
- Visual acuity to read screens, documents, and reports.
- Occasional reaching, bending, or stooping to access file drawers, cabinets, or office supplies.
- Lifting and carrying items up to 20 pounds occasionally (e.g., office supplies, packages).
Benefits:
Medical Insurance: Comprehensive health insurance plans covering a range of services
Saronic pays 100% of the premium for employees and 80% for dependents
Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care
Saronic pays 99% of the premium for employees and 80% for dependents
Time Off: Generous PTO and Holidays
Parental Leave: Paid maternity and paternity leave to support new parents
Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses
Retirement Plan: 401(k) plan
Stock Options: Equity options to give employees a stake in the company’s success
Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage
Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office
This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in .
Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.