As a Senior Firmware Security Engineer, you will design and deliver security-critical firmware for advanced networking hardware. This is a hands-on role with leadership expectations: approximately 70% individual contributor and 30% technical mentorship/leadership. You will work across secure boot, firmware signing, and cryptographic protocol implementation on embedded platforms (ARM, RISC-V, and custom ASIC environments), partnering closely with silicon, platform, and validation teams.
Key Responsibilities:
- Design, implement, and maintain firmware in C/C++ with automation/tooling in Python.
- Build and harden secure boot and chain-of-trust mechanisms.
- Own and improve firmware signing and image authentication workflows.
- Implement and integrate cryptographic protocols for device trust and secure communications.
- Perform threat modeling, security design reviews, and vulnerability remediation for firmware components.
- Define and execute firmware security validation strategies (negative testing, robustness, tamper scenarios).
- Mentor engineers through code reviews, design guidance, and secure development best practices.
- Collaborate cross-functionally with architecture, hardware, and software teams to deliver secure product releases.
Minimum Qualifications:
- 7+ years of embedded/firmware software engineering experience, including security-focused development.
- Bachelor's or Master's degree in Computer Engineering, Electrical Engineering, Computer Science, or equivalent experience.
- Strong proficiency in C/C++ and practical proficiency in Python.
- Firmware signing / image authentication
- Applied cryptography in embedded systems
- Experience on one or more target architectures: ARM, RISC-V, or custom ASIC/SoC platforms.
- Strong debugging and root-cause skills for low-level systems.
- Ability to lead technically while remaining deeply hands-on.
Preferred Qualifications:
- Experience in high-performance networking, interconnects, or data center/HPC systems.
- Familiarity with device attestation and management security standards (e.g., SPDM/PLDM concepts).
- Experience building secure firmware delivery/update pipelines and release validation frameworks.
- Knowledge of security compliance frameworks and secure SDLC practices for embedded products.
- Familiarity with Post-Quantum Cryptography (PQC) and NIST PQC standards (e.g., ML-DSA/Dilithium, ML-KEM/Kyber),
- including hybrid classical+PQC signing and key exchange in embedded contexts.
Location: This is a remote position for employees residing within the United States.
We offer a competitive compensation package that includes equity, cash, and incentives, along with health and retirement benefits. Our dynamic, flexible work environment provides the opportunity to collaborate with some of the most influential names in the semiconductor industry.
At Cornelis Networks your base salary is only one component of your comprehensive total rewards package. Your base pay will be determined by factors such as your skills, qualifications, experience, and location relative to the hiring range for the position. Depending on your role, you may also be eligible for performance-based incentives, including an annual bonus or sales incentives.
In addition to your base pay, you'll have access to a broad range of benefits, including medical, dental, and vision coverage, as well as disability and life insurance, a dependent care flexible spending account, accidental injury insurance, and pet insurance. We also offer generous paid holidays, 401(k) with company match, and Open Time Off (OTO) for regular full-time exempt employees. Other paid time off benefits include sick time, bonding leave, and pregnancy disability leave.