Senior Software & Security Architect- Embedded Cybersecurity Platform [USA - Remote]

At AURA Technologies, we are excited to announce a new opening for a dedicated security architect in our dynamic team. You will lead the implementation of a new embedded cybersecurity platform. You will translate detailed security specifications into implementation-level designs and working code for a hardened Intel/Linux appliance deployed in air-gapped OT environments.

This is a greenfield implementation. You will be writing the most security-sensitive components of the system from the ground up, including:

• Cryptographic key management services with hardware-rooted trust

• Certificate lifecycle management for offline and network-constrained environments

• Secure boot chain and platform integrity verification

• OS-level hardening and mandatory access control configuration

• Integration with hardware security elements and platform trust anchors

You will work directly with the Chief Architect (PhD, Computer Science, 25+ years in systems and security) and will be instrumental in building out the engineering team, helping recruit, mentor, and establish the technical practices for the developers who will maintain and extend your work.

Requirements and Skills

• Embedded Linux. Deep, hands-on experience with custom embedded Linux systems-- including kernel configuration, initramfs, systemd, disk encryption, and mandatory access controls (SELinux or AppArmor)--sufficient to architect secure system designs, define implementation standards, and provide authoritative technical guidance to the engineers responsible for building and maintaining production Linux images. You have built or substantially modified production bare-metal Linux images, not just deployed containers on cloud VMs.

• TPM 2.0 and hardware root of trust. Working experience with TPM-based security: secure boot, measured boot, platform integrity, key sealing, and attestation. You understand the TPM 2.0 architecture and have used it in practice.

• Air-gapped and OT environments. Experience designing or deploying systems in disconnected, high-assurance, or industrial control environments. You understand the constraints of operating without cloud connectivity and the implications for key management, certificate lifecycle, and software updates.

• PKI and X.509. Substantive experience with public key infrastructure: certificate chains, validation, revocation, and certificate profiles. You do not need to be a CA administrator, but you need to understand the role of PKI in system identity and trust establishment.

• Systems programming. Strong proficiency in C or C++ for systems-level work. You are comfortable reading kernel code, debugging with strace and gdb, and reasoning about memory safety, concurrency, and process isolation.

• US Citizenship and ability to pass a background investigation.

Highly Desirable

• Rust. Production experience writing Rust for systems or embedded targets. Rust is the primary implementation language for this project. If you are a strong C/C++ systems developer without Rust experience, we will invest in your transition - the language is the easy part when the systems thinking is already there.

• Cryptographic engineering. Practical experience with cryptographic libraries (OpenSSL, tpm2-tss, PKCS#11), secure protocol implementation, or hardware security module integration.

• OT security standards. Familiarity with security standards applicable to industrial and critical infrastructure environments (e.g., IEC 62443, NIST 800-82, or equivalent).

Not Required

• Security clearance (none needed for this role)

• Cloud or SaaS experience

• Web application security

• CISSP or similar management-oriented certifications

What You Will Not Be Doing

• Administering PKI infrastructure (separate role)

• Cloud architecture or DevOps

• Penetration testing or red-teaming (though your threat modeling instincts will be valued)

• Front-end or UI development

Why This Role

• Greenfield architecture. You are building from a clean sheet, not maintaining legacy code. The security architecture is thoroughly specified; your job is to bring it to life.

• Genuinely hard problems. Hardware-rooted key management, tamper-responsive security, and certificate lifecycle in offline environments - this is not checkbox compliance work. These are real engineering challenges with real security consequences.

• Research culture. AURA is an R&D company. We pursue SBIR, STTR, and applied research projects across multiple disciplines. Engineers are encouraged to champion research directions they are passionate about.

• Autonomy and ownership. As the first security-focused developer on this platform, you will shape the implementation approach, tooling, and technical culture for the team that follows.

BENEFITS:
• Fortune 500-level Health Care Coverage
• Unlimited Leave Program after 60 days
• 10 Paid holidays & Paid Winter Break
• 401(k) Safe Harbor Contributions
• Employee Discount Program

TO APPLY FOR THIS POSITION:

Submit your resume/CV in PDF format via instructions at thefollowing link:http://aura.company/careers/

No phone calls after submission. We will let candidates know via automated reply that we have received their resumes and will contact them if there is a good fit after the closing date for this job.

Write a carefully crafted, well-written cover letter that elaborates on your interest in this position and why you think you are the best candidate for the job. Submit your cover letter, CV and three professional references (one of which must be from a current or former supervisor) in PDF format ONLY via BambooHR.

Any attachments must be in PDF format or will not be opened due to virus concerns. No phone calls after submission. We will let candidates know via automated reply that we have received their resumes and will contact them if there is a good fit after the closing date for this job.