Are you the one?
We are looking for a Senior Embedded Security Engineer (OP-TEE & Hardware Security) to take ownership of the secure software and hardware trust layer of our biometric device platform. You will be responsible for developing embedded firmware to run in OP-TEE, implementing trusted execution environments, and ensuring compliance with international data protection and hardware security standards. You will also set up remote attestation pipelines, safeguard biometric data, and help prepare our devices for certification across the UK, EU, and US.
This is a hands-on role — you will be building the secure foundations yourself, not just overseeing. If you have deep expertise in embedded security and want to shape the trust layer of a breakthrough biometric product, this is the opportunity.
Responsibilities
- Development of embedded firmware and applications to run in OP-TEE on ARM-based embedded platforms.
- Implement secure boot, firmware integrity protections, and hardware-backed key management.
- Design and integrate remote attestation workflows with external device attestation services.
- Ensure device security aligns with GDPR, UK Data Protection Act, US biometric privacy laws, and certification standards (ISO/IEC, FIPS).
- Develop layered tamper-prevention strategies (hardware and software).
- Architect methods for running ML models securely inside TEE, protecting sensitive model elements.
- Collaborate with hardware, firmware, and compliance teams to pass required certifications.
- Produce technical security documentation and support regulatory audits.
Skills
- 5+ years of professional experience in embedded systems security.
- Proven track record of working directly with OP-TEE on ARM/embedded platforms.
- Strong embedded firmware development skills (C, C++, Rust preferred).
- Hands-on experience with secure boot, trusted firmware, cryptography, and device attestation.
- Solid background in hardware security: tamper resistance, key storage, side-channel mitigation.
- Deep knowledge of biometric device security considerations (data protection, spoofing resistance, privacy).
- Familiarity with certification requirements: ISO/IEC 30107-3, ISO/IEC 19795, ISO/IEC 24745, FIPS 140-3.
- Experience with Linux kernel development, especially for embedded devices.
- Reproducible build systems (e.g. Yocto, buildroot.)
Education
- Bachelor’s or Master’s degree in Electrical Engineering, Computer Engineering, Computer Science, or related field.
- PhD in relevant area (trusted execution, embedded security, cryptography) is a plus, but not required.
Nice to have
- Experience integrating biometric datastreams into embedded security frameworks.
- Background in securing ML models or cryptographic accelerators on embedded devices.
- Contributions to OP-TEE or related open-source projects.
- Experience navigating regulatory certification processes for secure hardware.
What We Offer
- Global and Diverse Workforce: You'll work with people from various backgrounds and cultures.
- Learning and Development: You'll work on innovative, challenging projects and have access to experts and mentors to enhance your skills.
- Career Growth: Access to training, mentorship, and opportunities to contribute to open-source initiatives.
- Global Events and Conferences: Opportunities to attend the industry events.
- Collaborative and Innovative Culture: We foster teamwork and encourage new ideas.
Our Commitment to Diversity
At Nethermind, we celebrate diversity and are committed to creating an inclusive environment for all team members. We believe a variety of perspectives drives innovation and leads to better solutions for the blockchain community.
Ready to Join Us?
If you're passionate about blockchain and eager to make an impact, we’d love to hear from you. Click Apply for this job to start your journey with Nethermind.