Staff Device Security Engineer
Tbwa Chiat/Day Inc, San Francisco, CA, United States
Worldcoin (www.worldcoin.org) is an open-source protocol, supported by a global community of developers, individuals, economists, and technologists committed to expanding participation in, and access to, the global economy. Its community is united around core beliefs in the inherent worth and equality of every individual, the right to personal privacy, and open and public collaboration. These beliefs are reflected in what the community is building: a public utility to connect everyone to the global economy.
The Worldcoin Foundation (www.worldcoin.foundation) is the protocol’s steward and will support and grow the Worldcoin community until it becomes self-sufficient. Tools for Humanity (www.toolsforhumanity.com) is a global hardware and software development company. It helped launch Worldcoin and continues to provide support to the Foundation, in addition to operating the World App.
This opportunity would be with Tools for Humanity.
About the Orb
Worldcoin's launch requires a "Proof-of-Personhood": a way to determine someone is human (not a bot) and hasn't already claimed their free share of Worldcoin. This is why we developed the Orb.
The Orb is an advanced biometric imaging device, custom-designed for Worldcoin's launch. Orbs are deployed to a global network of operators, who use the device to onboard new Worldcoin users. During this onboarding, the Orb generates an encoding of each user's iris and submits it to Worldcoin's backend. For more details on how the Orb is part of Worldcoin's privacy-preserving approach to Proof-of-Personhood, see the Worldcoin whitepaper.
The Orb solves a fierce combination of engineering and UX challenges, centered around image quality, security, and ease-of-use. Each device has an advanced iris imaging system, designed to work consistently across real-world lighting conditions. An additional suite of sensors feeds into an onboard fraud detection system, enabling use in unsecured environments. These systems are combined in a sleek industrial design with a simple, minimalist user interface.
About the Company
Worldcoin is a new, collectively owned global currency that will be distributed fairly to as many people as possible. Worldcoin will launch by giving a free share to everyone on Earth. We believe that this is an essential step to accelerate the transition towards a more inclusive global economy, providing new ways for everyone to share future prosperity. We hope you’ll join us on our ambitious journey.
About the Team
The Orb Software team is a small group of industry experts, software generalists, and passionate hackers - collectively driven by Worldcoin’s ambitious mission. We're responsible for all software running on the Orb, plus software for manufacturing, automated testing, and fleet management. The multidisciplinary nature of the project requires us to work closely with Backend, Hardware, and AI & Biometrics teams.
Our team embraces the challenges involved in bringing the Orb to life. In this pursuit, we value first principles thinking, pragmatism over perfection, and the sanctity of deep work. We empower each other to own large projects end-to-end, and strive for excellence as a team.
About the Role:
- In this role, you will work with our team of security experts to build the most secure embedded device in the world by innovating and applying the state of the art security technology.
- You will drive the development of new hardware or software security features and deploy them to a global fleet of thousands of devices.
- You will be involved in the security-critical stages of the Orb's manufacturing process and supply chain to enforce security and transparency.
- Your team will also engage with external resources (e.g. auditors, red teams, bounty programs) to continuously improve the security of the Orb.
About You
- 8-12 years experience designing and delivering security-critical systems for internet-connected embedded devices, such as: hardware oracles, robotic systems, IoT devices, or automotive systems.
- Extensive experience creating, presenting, and refining technical specifications from top-level system architecture documents down to low-level implementation guides and test plans.
- Experience incorporating hardware-based security techniques (TPM, TEEs, secure boot, etc) into a robust hardware/software system design.
- Experience with Virtualization, ARM TrustZone, secure kernel (e.g., seL4), Intel TDX, AMD SEV-SNP, OpenTitan, NVIDIA GPU confidential computing, or firmware security.
- Sound knowledge of cryptographic primitives and public key infrastructure.
- Strong critical thinking, communication, and leadership skills.
- Energized by working in a fast-paced, collaborative environment.
If you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.
Nice-to-Have Skills
- Experience with intrusion detection, security monitoring or endpoint protection systems.
- Experience with certificate transparency or key transparency.
- Experience or knowledge on Android security, iOS security.
Pay transparency statement (for CA and NY based roles):
The reasonably estimated salary for this role at TFH ranges from $275,000 - $333,000, plus a competitive long term incentive package. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, TFH offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, vision, 401(k) plan and match, life insurance, flexible time off, commuter benefits, professional development stipend and much more!