Security Engineer, Hardware Security

Saronic Technologies is a leader in revolutionizing autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations through autonomous and intelligent platforms.

Security at Saronic is a force multiplier. We’re seeking a Security Engineer focused on hardware, embedded systems, and firmware security to own the security posture of Saronic's vessel hardware platforms from silicon to system. You will be the technical authority on hardware root of trust, secure boot, firmware integrity, embedded system hardening, and the security of third‑party hardware integrations. Your work ensures that every component on the vessel is resilient against tampering, exploitation, and supply‑chain compromise, designed in from the start and maintained across the fleet lifecycle.

• Conduct hardware security assessments including fault injection, side‑channel analysis, interface evaluation, and bus protocol analysis across Saronic‑built and third‑party hardware including sensors, radios, navigation systems, propulsion controllers, and communication modules
• Evaluate and harden physical interfaces, debug ports, maintenance access points, and removable media interfaces on vessel hardware
• Evaluate supply chain security risks for hardware components and recommend provenance validation, anti‑tamper, and attestation controls
• Develop and maintain a hardware security testing capability including tooling, methodology, and repeatable test procedures
• Design and implement secure boot chains establishing hardware root of trust from power‑on through application launch, integrating TPM, secure elements, and HSMs for device identity, key storage, measured boot, and remote attestation
• Design and implement secure firmware update mechanisms including signed updates, rollback protection, and verified delivery across the fleet
• Own the cryptographic key lifecycle for hardware‑bound keys, including provisioning, rotation, revocation, and escrow
• Harden embedded Linux systems on vessel platforms, including kernel configuration, mandatory access controls, secure IPC, and attack surface reduction
• Secure operational technology protocols and interfaces used in vessel control systems, propulsion, navigation, and sensor fusion including CAN bus, NMEA, and maritime/industrial communication protocols
• Define security boundaries, trust zones, and segmentation strategies for vessel‑internal compute and communication architectures
• Drive threat modeling across vessel hardware subsystems and translate findings into actionable engineering requirements
• Produce secure‑by‑design reference architectures and define hardware and firmware security standards, testing requirements, and acceptance criteria integrated into engineering workflows

• 6+ years of hands‑on experience in hardware security, embedded systems security, firmware security, or a closely related security engineering role
• Deep expertise in hardware hacking techniques including fault injection, side‑channel attacks, JTAG/SWD exploitation, bus sniffing/injection, and physical security assessments
• Demonstrated experience designing and implementing secure boot chains, hardware root of trust, and secure firmware update mechanisms in production systems
• Strong experience assessing third‑party hardware integrations and evaluating supply chain security risks
• Deep knowledge of embedded Linux security hardening, kernel security, and mandatory access control frameworks
• Experience with operational technology security, industrial protocols, or control system security
• Proficiency in C, C++, Python, or Rust in the context of firmware, embedded, or systems‑level security work, and with hardware security testing tools
• Ability to obtain and maintain a security clearance

• Experience in defense, aerospace, robotics, autonomy, maritime, or other high‑assurance environments
• Experience with autonomous systems, unmanned vehicles, or safety‑critical embedded platforms
• Experience with RTOS, microcontroller security, or resource‑constrained device environments
• Knowledge of CAN bus, NMEA protocols, maritime communication systems, RF/GPS/GNSS…