Senior Firmware Security Engineer

VinSOC 

📍 Hanoi Capital Region, Vietnam 🇻🇳

full-time
senior
Posted —

Key Skills

C/C++ARMFreeRTOScryptographySecureBoot

Industry

AerospaceDefense

Job Description

Job Description

We are looking for a Senior Firmware Security Engineer to design, implement, and harden security features for the on-board firmware of our class satellite and robots platform. The target firmware is written in C/C++ and runs on ARM-based micro-controllers / SoCs under either a real-time operating system (FreeRTOS, Zephyr, RTEMS) or an embedded Linux stack. While the platform is a spaceborne system, its firmware-security concerns closely resemble those of a high-assurance embedded device: immutable root of trust, secure update, tamper resistance, and fault-tolerant cryptography. You will work closely with flight-software, hardware, and mission-operations teams to ensure that every firmware image flown on-orbit is trustworthy throughout its full life-cycle.



What You'll D

o1. Secure Firmware Architectur

  • eDefine and implement the end-to-end firmware security architecture for the satellite/robots OBC/ADCS/payload controllers, including Secure Boot chain, Root-of-Trust, Trusted Execution Environment (Arm TrustZone / OP-TEE), secure key storage, and anti-rollback mechanisms
  • .Collaborate with hardware engineers to leverage ARM SoC security IP (TrustZone, cryptographic accelerators, OTP/eFuse, PUF where available)

.2. Secure Boot & Trusted Updat

  • eImplement a multi-stage verified boot flow (BL1 → BL2 → kernel/RTOS → app), with image signing, authenticated configuration, and rollback protection using monotonic counters
  • .Design and implement secure OTA / uplink firmware update pipelines resilient to interrupted uplinks, partial images, and radiation-induced bit flips; provide A/B or golden-image fallback

.3. Cryptography on Constrained Target

  • sIntegrate and tune lightweight cryptographic libraries (mbedTLS, wolfSSL, tinycrypt) for ARM Cortex-M / Cortex-A class targets with tight RAM/flash budgets
  • .Manage symmetric/asymmetric key lifecycles (AES-GCM, ECDSA/Ed25519, SHA-2/3, HKDF); evaluate post-quantum migration options for long-lived missions

.4. Threat Modeling & Secure Design Review

  • sLead threat modeling (STRIDE / attack-tree) for the on-board compute, bus interfaces (I²C, SPI, UART, CAN, SpaceWire), and debug surfaces (JTAG/SWD)
  • .Produce and maintain a Security Engineering Process (SEP) covering requirements, reviews, verification, and incident response for flight firmware

.5. System Hardenin

  • gHarden RTOS/Linux configurations: MPU/MMU-backed isolation, stack canaries, ASLR (where feasible), safe memory allocators, SELinux/AppArmor on Linux-based payloads
  • .Disable/lock debug ports, secure fuses, and define tamper-response behavior



.

What We're Looking

  • ForBachelor's or Master's degree in Computer Science, Electrical / Electronic Engineering, Cryptography, or a related technical fie
  • ld.5+ years of hands-on embedded / firmware development in C and C++, with at least 2 years focused on embedded securi
  • ty.Strong working knowledge of ARM architecture (Cortex-M and/or Cortex-A), including boot flow, memory map, exception model, MPU/MMU, and TrustZone concep
  • ts.Practical experience with at least one RTOS (FreeRTOS, Zephyr, RTEMS, VxWorks) and/or embedded Linux (Yocto/Buildroot, kernel configuration, BS
  • P).Demonstrated experience implementing secure boot, signed firmware update/OTA, secure key storage, and secure inter-component communicati
  • on.Solid grasp of applied cryptography: symmetric/asymmetric algorithms, key management, authenticated encryption, hashing, entropy sourc
  • es.Proficiency with low-level debug tools (JTAG/SWD, logic analyzers, oscilloscopes, serial consoles) and static/dynamic analysis tooli


ng.
Nice to

  • HavePrior flight-software or satellite / CubeSat experience (OBC, ADCS, EPS, or payload firmwa
  • re).Familiarity with space-domain standards: CCSDS (TC/TM/AOS), SDLS, ECSS-E-ST-40 / ECSS-Q ST-80, NASA NPR 715
  • 0.2.Experience with radiation-tolerant design practices: EDAC/ECC memory, SEU/SEL mitigation, watchdog strategies, software-level
  • TMR.Secure development on space-grade or automotive-grade toolchains; MISRA-C/C++ awaren
  • ess.Security certifications: CISSP, OSCP, CEH, SANS GIAC (GPEN, GXPN, GR
  • ID).Experience with ground-segment integration, flat-sat test benches, and HIL simulat


ion.