Confidential Compute Systems Engineer - Full Time

(US) Mountain View CA , Austin TX, Portland OR, Fort Collins CO
Engineering – Systems Security /
Full-time /
Hybrid
We are working on software, firmware and hardware to evolve the RISC-V ecosystem and build secure-by-design RISC-V based systems.

The security team has the charter to define security requirements for the hardware teams and software teams.  We are responsible for providing secure designs for RISC-V as we bring our product vision to life.  As a confidential compute engineer on our team, you will develop software and firmware for a high-performance RISC-V-based System to ensure security and privacy requirements are met, for protecting sensitive customer data in multi-tenant environments. You will contribute to enabling Trusted Execution Environments for RISC-V based platforms.

Positions are open for full-time roles in the areas of confidential compute aspects of simulators, OS/hypervisor, orchestration, tools and application runtimes to support TEE workloads.

You will be learning technical and organizational skills from industry veterans: how to write performant and readable code; how to structure and communicate projects, ideas, and progress; how to work effectively with the Open Source community.
We are big proponents of Open Source software and contribute back our improvements to all the great projects we use.

Responsibilities

    • Design and develop APIs, protocols and services for a multi-tenant confidential compute system.
    • Modify/Extend open source OS/hypervisors for specialized hardware to support confidential workload security extensions
    • Create, Implement, Release, and Manage open source Software Development Kits (SDKs), APIs. 
    • Design and develop cryptographic services for licensing, key management, signing, etc for end-to-end solutions
    • Contribute to open source projects and drive open standards for confidential compute interoperability
    • Debug large scale workload issues, working in conjunction with other software and hardware engineering teams. 
    • Implementing required support for platform security standards within Confidential Compute Consortium, PCIe, CXL, DMTF, TCG etc.

Requirements

    • Experience with large scale multi-tenant security products (i.e. threat detection, identity and access, data security, KMS, HSM, Confidential computing).
    • Experience in large scale open-source projects using multi-tenant environments such as Container runtimes (e.g. Kubernetes, Kata)
    • Assembly/C/C++ experience; Rust experience is not necessary, but a plus.
    • Strong SW development fundamentals, including system software, multi-processor systems, caching and virtual memory.
    • Demonstrated grasp of applied cryptography. 
    • Experience with PKI lifecycle management is a plus.
    • Experience with RISC-V and Domain-specific architectures is a plus but not required.
    • Excellent skills in problem solving, written and verbal communication, excellent organization skills, and highly self-motivated.
    • Ability to work well in a team and be productive under aggressive schedules.

Education and Experience

    • PhD, Master’s Degree or Bachelor’s Degree in technical subject area.