VotaryTech - Secure Bootloader Engineer - Firmware

Votary Softech Solutions Pvt. Ltd. 

📍 Hyderabad, India 🇮🇳

full-time
mid-level
Expired
Posted —
This job posting has expired View All Firmware Engineer Jobs

Key Skills

bootloadercryptographyARMRTOSdebugging

Industry

AutomotiveIoT

Job Description

Description

About the Role :

The Secure Bootloader Engineer will be responsible for the end-to-end design, implementation, and validation of secure bootloaders that enable trusted firmware execution and authenticated over-the-air (OTA) updates. The role demands deep expertise in embedded systems, cryptographic protocols, and secure firmware development within safety-critical or high-reliability environments such as automotive, IoT, or industrial control systems.

Key Responsibilities

Bootloader Architecture & Development :

  • Design and develop secure bootloader architectures supporting multi-core microcontrollers and SoCs.
  • Implement secure boot mechanisms, ensuring trusted device initialization and firmware integrity verification.
  • Manage memory layout and partitioning for bootloader and application coexistence, including flash and RAM mapping.
  • Develop and maintain firmware update mechanisms, including secure flashing and rollback protection.

Security & Cryptography

  • Integrate cryptographic algorithms (RSA, ECC, AES, SHA) for firmware authentication and encryption.
  • Implement PKI-based secure firmware signing and verification workflows.
  • Collaborate with hardware teams to integrate Hardware Security Modules (HSMs) for key management and secure key storage.
  • Develop secure communication channels during firmware download and OTA updates.
  • Conduct security threat modeling and ensure bootloader compliance with cybersecurity standards (ISO 21434, NIST, etc.).

Testing, Validation & Debugging

  • Perform low-level debugging and root-cause analysis for startup and boot-time issues.
  • Execute and automate secure bootloader test cases, including UDS-based (Unified Diagnostic Services) validation.
  • Develop and execute diagnostic services (DIDs) for secure bootloader functionalities.
  • Collaborate with QA teams for regression, stress, and fault-injection testing.
  • Support system-level validation of secure OTA updates and firmware lifecycle management.

Compliance, Quality & Configuration Management

  • Ensure compliance with MISRA C/C++ coding standards and follow secure coding practices.
  • Conduct code reviews, perform errata analysis, and maintain detailed technical documentation.
  • Manage version control and configuration using SVN/Git.
  • Maintain traceability of requirements and design artifacts using IBM DOORS or equivalent ALM tools.
  • Participate in certification and audit readiness activities related to firmware security.

Technical Skills & Requirements

Core Expertise :

  • Proficiency in embedded C/C++ programming for low-level system software.
  • Hands-on experience with secure bootloader design on ARM Cortex-M/R/A, Infineon Tricore, NXP, or Renesas platforms.
  • Strong understanding of embedded hardware interfaces (UART, SPI, I2C, CAN, Ethernet).
  • Experience with cryptographic libraries (mbedTLS, WolfSSL, OpenSSL).
  • Knowledge of real-time operating systems (RTOS) such as FreeRTOS, QNX, or AUTOSAR OS.

Security & Standards

  • Understanding of firmware signing, certificate chains, and public key infrastructures.
  • Experience with security certifications (ISO 26262, ISO 21434, FIPS, or Common Criteria) preferred.
  • Familiarity with OTA update frameworks and secure firmware distribution pipelines.

Tools & Environment

  • Proficiency in debugging using JTAG/SWD and tools like Lauterbach, Trace32, or Segger J-Link.
  • Experience with version control (Git/SVN), build systems (CMake/Make), and CI/CD pipelines.
  • Working knowledge of requirement management and traceability tools (IBM DOORS, Polarion, or Jama).
  • Familiarity with static code analysis and code quality tools (Polyspace, PC-lint, Coverity).

Preferred Qualifications

  • Bachelors or Masters degree in Computer Science or a related field.
  • Prior experience in automotive ECUs, IoT security firmware, or industrial embedded platforms.
  • Exposure to coexistence management (WLAN, BLE) and their integration in secure boot contexts.
  • Experience in secure firmware lifecycle management, key provisioning, and trusted platform modules (TPMs).

(ref:hirist.tech)