Sr. Embedded Security Engineer

Our Mission

SPAN is enabling electrification for all ⚡

We are a mission-driven company designing, building, and deploying products that electrify the built environment, reduce carbon emissions, and slow the effects of climate change.

• Decarbonization is the process to reduce or remove greenhouse gas emissions, especially carbon dioxide, from entering our atmosphere.

• Electrification is the process of replacing fossil fuel appliances that run on gas or oil with all-electric upgrades for a cleaner way to power our lives.

At SPAN, we believe in:

• Enabling homes and vehicles powered by clean energy

• Making electrification upgrades possible

• Building more resilient homes with reliable backup

• Designing a flexible and distributed electrical grid

The Role

We are looking for a hands-on individual with a security engineering mindset to join us as a Senior Embedded Security Engineer as part of the Security team at SPAN. In this role, you will directly influence the security of software across our entire hardware product line. We are looking for someone with a proven track record of building and deploying hardware security technologies who can bring deep expertise to our expanding ecosystem.

Ideally, you have notable skills and experience in the following core areas:

• Applied cryptography and cryptographic service infrastructure

• Operating system security and OS-level hardening

• Secure / Authenticated boot flows

• Hardware Security Modules (HSMs) and Trusted Platform Modules (TPMs)

What You’ll Do (Responsibilities)

• Architect and develop robust security infrastructure, including cryptographic services and other security-critical components.

• Implement secure and authenticated boot flows to ensure device and firmware integrity from power-on.

• Design and secure Over-the-Air (OTA) update systems, ensuring robust encryption, cryptographic signing, authentication, and anti-rollback protections for remote deployments.

• Design and integrate security provisioning protocols into the factory manufacturing process.

• Establish secure device identities and root-of-trust architectures utilizing onboard hardware security modules (HSMs/TPMs).

• Design and implement secure debug architectures to safeguard physical and logical interfaces (e.g., JTAG, SWD, UART) against unauthorized access and reverse engineering.

• Harden Linux and POSIX-based operating systems to minimize attack surfaces and secure the software stack.

• Rapidly prototype new security features, helping to identify vulnerabilities, design mitigations, and test continuous security improvements.

What You’ll Bring (Qualifications)

• Experience: 6+ years of professional experience in hardware security, embedded systems engineering, or a closely related field.

• Security Hardware: Advanced hands-on experience configuring and deploying specialized security hardware, including TPMs and HSMs.

• Software Development: Strong programming proficiency in C/C++, Rust and Python for developing secure, high-performance software and automation tools.

• OS Security: Demonstrated experience designing, architecting, and implementing security solutions at the operating system level.

• Systems Engineering: Core expertise in bare-metal embedded systems development and firmware security.

• Linux Ecosystem: Familiarity with building and configuring custom Linux distributions using Yocto Linux.

Life at SPAN

Headquartered in San Francisco’s vibrant SoMa neighborhood, we are an eclectic group of creative thinkers who value open communication, teamwork, and a ‘make it happen’ approach to addressing complex challenges. 

SPAN embraces diversity and equal opportunity in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. 

We’re hiring talented individuals who are driven by success and are passionate about shaping the future of renewable energy. If that sounds like you, we’d love for you to consider joining the rapidly growing team at SPAN.

The Perks:

⚡ Competitive compensation + equity grants at a well-funded, venture-backed company

⚡ Comprehensive benefits: 100% employee premiums for base plans on medical, dental, vision with options for additional coverage.  Parental leave up to twenty four (24)  weeks depending on eligibility

⚡ Comfortable, sunny office space located near BART and Caltrain public transit

⚡ Strong focus on team building and company culture: Employee Resource Groups, monthly social events, SPANcakes recognition breakfast, lunch, and learns

⚡ Flexible hours, one holiday per month, and flexible time off

Interested in joining our team? Apply today and we’ll be in touch with the next steps!