
Embedded Security Engineer
Remote
Full Time
#Engineering
#Embedded Software
#Rust
#Cryptography
At Thistle Technologies, we are dedicated to helping developers integrate robust security resilience directly into their products. While embedded devices frequently encounter the same sophisticated threats as traditional servers and workstations, they often lack the modern security mitigations required to defend against them. We bridge this gap by providing tools that make it simple to incorporate high-level security functionality into devices with demanding requirements. We are currently looking for an experienced Embedded Security Engineer to join our fully distributed team and help us shape the future of IoT security.
Key outcomes
- Guide product concepts for device security through every stage, from initial incubation and demonstration to final production.
- Design, deploy, and maintain innovative security features that evolve our core platform.
- Provide ongoing maintenance for existing features within the Thistle Security Platform.
- Work in close collaboration with our product, business development, and backend engineering teams, including providing support for sales calls when necessary.
- Act as an advocate for our platform by engaging with developer and open-source communities to demonstrate our capabilities in the device security space.
Requirements
- At least 8 years of professional experience building and shipping production software within the embedded security field.
- Strong proficiency in low-level embedded software development using C/C++ or Rust, including the ability to configure CI/CD pipelines for automated testing and deployment.
- Deep, hands-on knowledge of hardware security mechanisms, such as trusted execution environments, secure boot, debugging interfaces, and inter-processor communications.
- Comprehensive understanding of embedded operating system and firmware security principles.
- Solid grasp of applied cryptography, including familiarity with PKI, key derivation, key management, and secure communication.
- Fluency in standard cryptographic primitives like ECC, AES, RSA, and hashing, along with a foundational understanding of quantum-safe cryptography.
- Proven experience in software security, specifically regarding firmware reverse engineering, exploitation techniques, and the development of anti-exploitation countermeasures.
- A genuine interest in the unique challenges and opportunities found in a startup environment.
- Fluency in English.
Preferred qualifications
- Experience with device key provisioning systems within a manufacturing setting.
- Background in performing manual or automated security testing on embedded systems.
- Experience conducting vulnerability triaging and security code reviews, whether manual or assisted by code-scanning tools.
- Experience developing code signing systems or tools that utilize Cloud-based key management or hardware security modules.
Compensation
We offer a competitive salary and equity package. Our benefits include:
- A 4-day workweek to support a healthy work-life balance.
- Comprehensive health, dental, and vision insurance plans with premium contributions.
- A 401(k) retirement plan.
- An unlimited vacation policy.
- The flexibility of a fully remote and distributed work environment.
How to apply
If you are passionate about building secure, resilient technology and thrive in a collaborative, autonomous culture, we invite you to reach out. Please submit your application to join our team, and we look forward to reviewing your background and experience.





