Rival
Security Infrastructure Engineer - Full Time
Rival, Fort Collins, Colorado, us, 80523
We are working on software, firmware and hardware to evolve the RISC-V ecosystem and build secure-by-design RISC-V based systems.The security team has the charter to define external and internal interfaces for secure provisioning and trusted computing base (TCB) updates of our SOC and platforms. As part of our work on foundational security and to enable Trusted Execution Environments for RISC-V based platforms, we are building the security infrastructure services necessary to support secure device provisioning and lifecycle management for the SOC-Integrated Root of Trust (RoT), and manage the trusted elements of the platform.Positions are open for full-time roles at multiple levels in this area, including, for a technical lead capable of designing the overall set of services and developing and deploying the first prototypes, as well as developers and operators who have experience in this area. The team is expected to grow over time to increase development and operational capacity in a scalable manner.We are big proponents of open source software and open hardware and contribute back improvements to all the great projects we use.Responsibilities
Design, develop, and deploy security infrastructure services for key management, manufacturing provisioning, certificate authority, and code signingDesign and develop APIs, protocols and services for enumeration, configuration and management of platform assetsDevelop policies and procedures associated with key generation/managementInterface with manufacturing partners to install, troubleshoot and debug security provisioning aspects.Interface and lead SW teams to build the components required for hosting the services along with any SDKs required for partners.Day-to-day operations of security infrastructure servicesRequirements
Full stack developer with fault-tolerant systems experience and security backgroundHardware security module (HSM) appliance integration and coding for code signing services, secure payload decryption, certificate signing, device ID generation, etc.Experience with integrating remote systems with automatic test equipment (ATE)Operational experience in deploying and maintaining an HSM, code-signing, access control management, web services deployment, software upgrades, CI/CD flowsUnderstanding of security flows, key generation, secure key delivery, access control tokens, key cards, n of m quorums, and other secure processesUnderstanding of crypto primitives such as keys, signatures, certificates, etc.VPN, SSL, secure connection experience (programming and configuration)Proficiency programming in C/C++/Java or equivalent UI capable language and/or programming in Python or equivalent scripting languageExperience with software deployment via containers (K8s) a plusExperience with RISC-V, OpenTitan, or Caliptra a plusEducation and Experience
PhD, Master’s Degree or Bachelor’s Degree in technical subject area.
#J-18808-Ljbffr
Design, develop, and deploy security infrastructure services for key management, manufacturing provisioning, certificate authority, and code signingDesign and develop APIs, protocols and services for enumeration, configuration and management of platform assetsDevelop policies and procedures associated with key generation/managementInterface with manufacturing partners to install, troubleshoot and debug security provisioning aspects.Interface and lead SW teams to build the components required for hosting the services along with any SDKs required for partners.Day-to-day operations of security infrastructure servicesRequirements
Full stack developer with fault-tolerant systems experience and security backgroundHardware security module (HSM) appliance integration and coding for code signing services, secure payload decryption, certificate signing, device ID generation, etc.Experience with integrating remote systems with automatic test equipment (ATE)Operational experience in deploying and maintaining an HSM, code-signing, access control management, web services deployment, software upgrades, CI/CD flowsUnderstanding of security flows, key generation, secure key delivery, access control tokens, key cards, n of m quorums, and other secure processesUnderstanding of crypto primitives such as keys, signatures, certificates, etc.VPN, SSL, secure connection experience (programming and configuration)Proficiency programming in C/C++/Java or equivalent UI capable language and/or programming in Python or equivalent scripting languageExperience with software deployment via containers (K8s) a plusExperience with RISC-V, OpenTitan, or Caliptra a plusEducation and Experience
PhD, Master’s Degree or Bachelor’s Degree in technical subject area.
#J-18808-Ljbffr