Responsibilities:

📍Implement software applications that may include key storage, signing, encryption, code attestation, or secure boot. 📍Design, deploy, and maintain security solutions supporting maintenance of digital assets 📍Work closely with software security engineers to develop the capabilities of the existing signing security infrastructure with a goal of security and scalability. 📍Integrate the use of hardware security mechanisms into the Gemini software infrastructure. 📍Work with hardware security mechanisms of interest include a trusted platform module (TPM) and/or hardware security modules (HSMs), and/or other similar hardware key storage mechanisms. 📍Develop tools that integrate security into systems and process. 📍Participate in disaster recovery (DR) scenarios to validate operability of physical and digital material.

Minimal Qualifications:

📍Hands-on expertise in the development of at least one area of software security that includes implementing software in any of the following: operating systems, kernel development, kernel modules, embedded security software, network security engineering, cryptographic protocols, or cryptographic hardware (PKCS#11, FIPS 201-1 PIV, smartcards, TPMs, HSMs, or TEEs) 📍Hands-on expertise in any one of the following areas: hardware security modules or discrete trusted platform modules or firmware trusted platform modules or secure enclaves 📍Experience in network engineering and security 📍Experience in researching and addressing complex business topics around TPMs, HSMs, TEEs, secure build infrastructure, and applied cryptography. Candidates without a strong understanding in one of these areas may still be a strong candidate if this is offset by a strong background in a systems security area (e.g., operating systems, embedded systems security, firmware security, network security engineering)