Staff Security Software Engineer

  • Indefinido
  • Tiempo completo
  • Híbrido (08034, Barcelona, Barcelona/Catalunya/Espanya, España)
  • SOFTWARE AND AI

The role:
Openchip is building new RISC-V chips with security at heart, enabling safer and more privacy-respectful execution of data processing workloads like AI models.
As a Staff Security Software Engineer, you will lead a team designing and implementing security features across Openchip’s software stack: from low-level platform firmware to integrations with AI and Cloud runtimes. You will also contribute to hardware/software co-design, providing requirements and identifying potential IPs, as well as engage with the wider security community.


Key responsibilities:
• Understand the technical landscape of their project and make decisions about it.

• Make independent technical contributions, especially for the most foundational or challenging parts of the project.
– Develop and maintain security features for novel and existing hardware architectures (RISC-V and others).
– Implement secure boot, confidential computing, cryptography, and other platform security features.
– Define new interfaces and modify existing ones to expose security features to user applications. When possible, identify and leverage existing standard ones.

• Interact with engineers and leads from their and other teams to unblock issues, or to reach consensus on technical topics. In particular:
– Work with firmware and operating systems teams, incorporating security features into low-level and platform software.
– Work with middleware teams, exposing security features to user applications and/or hardening frame-works.
– Work with hardware teams, providing requirements for security and influencing hardware/software co-design.

• Provide technical guidance to more junior team members, also acting as a mentor.

• Review team artifacts (design documents, code changes) both for correctness but also for code quality and consistency.

• Identify opportunities for code and/or process improvement.

• Loop in directors and above as needed, for instance to surface potential risks or get feedback based on area-level technical knowledge.

• Collaborate with program managers for task and deliverable tracking, as well as process improvements.

• Communicate outside the team, explaining and divulging technical topics to less technical parts of the organization.


Required qualifications:
• Bachelor or Master’s degree in a relevant field.
• Experience in the relevant field (more than 10 years).
• Solid knowledge about computer architecture (CPU, cache and memory hierarchy, buses,. . . ).
• Knowledge about at least three of the following areas:
– Confidential computing technologies (RISC-V CoVE, Intel SGX, Intel TDX, AMD SEV, confidential containers).
– Platform security features (kernel/firmware hardening, CHERI, CFI, pointer tagging, virtualization-based security, IOMMU).
– Cryptograpy usage across networks (certificates, signatures, TLS/SSL, PKI remote attestation).
– Boot integrity technologies (UEFI Secure Boot, measured boot, TPM).
– Cryptography, including experience with cryptography libraries (OpenSSL, libssl, wolfssl, mbedtls, libsodium).
• Good understanding of pre-boot and boot process, and Linux kernel internals.
• Solid knowledge of low-level development languages (C, Rust).
• Experience with standard tools for source control (git), continuous integration, task management (Jira).

• English level minimum B2


Soft skills:

• Within- and cross-team collaboration at the technical level.
• Experience leading teams at the technical level (not necessarily with a formal management role).


Preferred qualifications
• Experience with assembly language (of any architecture).
• Experience with kernel and/or device driver development.
• Experience with hypervisor technology (KVM, Xen, Qemu).
• Experience with system boot technology (UEFI/EDK2, ACPI, u-boot, devicetree).
• Experience with open source software development. In particular, engagement with OpenSSF or other Open Source security organizations, and/or history of contributions to Open Source projects.
• Understanding of lifecycle management on firmware.
• Knowledge of JTAG debugging (including key generation and management).
• Experience working with hardware cryptography IPs.


What do we offer?

• Join an innovative team and experience company growth.

• We believe in investing in our employees and providing them with the opportunities they need to grow and develop their careers.

• Enjoy a hybrid work environment.

• We also offer a flexible schedule.

• We offer a remuneration that values your experience.

• The position will have the base in Barcelona.


Why Join Us?

At Openchip, we are pioneers in the semiconductor industry, driving innovation that transforms industries and shapes the future of computing. As a key member of our leadership team, you will have the opportunity to work on groundbreaking technologies that power some of the most demanding applications in AI, HPC, and cloud computing. We offer:

• Join a collaborative and inclusive culture that values creativity and technical excellence.

• The chance to work on impactful projects that make a real difference in the world.

• Enjoy a hybrid work environment. and a flexible schedule.

• Competitive compensation packages with opportunities for growth and professional development.


We are looking for outstanding people willing to join our mission to change this industry and help to build a better world.

If you feel identified with Openchip, please contact us. We can offer a competitive compensation package in a flexible work schema that will help you to keep a balance between your personal and professional life.

At Openchip & Software Technologies S.L., we believe a diverse and inclusive team is the key to groundbreaking ideas. We foster a work environment where everyone feels valued, respected, and empowered to reach their full potential – regardless of race, gender, ethnicity, sexual orientation, or gender identity.