Senior Embedded Security Engineer – Cybersecurity

About the role

We are looking for a Senior Embedded Security Engineer to lead the design and implementation of security features for Bosch's embedded platforms. You will work on secure boot, trusted execution environments, and runtime isolation across automotive and industrial solutions.

Key responsibilities

• Design and implement Secure Boot, Chain of Trust, and Measured Boot.
• Define and maintain Root of Trust (RoT) and Platform RoT.
• Develop and integrate Trusted Execution Environment (TEE) and work with Secure Partition Manager (SPM) and secure OS components.
• Support Automotive PKI, V2X security, and Secure Credential Management System (SCMS).
• Implement key management, provisioning, and secure key injection.
• Design runtime isolation using hypervisors (Xen, Jailhouse, ACRN) and VM separation.
• Implement application sandboxing, containerization, and define SELinux/SEAndroid policies.
• Deploy Integrity Measurement Architecture (IMA) and ensure process/thread isolation with MPU, MMU, and SMMU.

Required profile

• Degree in Computer Science, IT, Electrical Engineering, Embedded Electronics or related field.
• 3+ years of experience in embedded systems and Embedded Linux.
• Strong C/C++ programming skills and experience with bootloader and OS startup.
• Solid knowledge of embedded cybersecurity, cryptography fundamentals (PKI, TLS, key management) and hardware‑based security mechanisms.

Required skills

• Embedded Linux
• C / C++
• Bootloader development
• Secure Boot, Chain of Trust, Measured Boot
• Root of Trust, Trusted Execution Environment
• Secure Partition Manager
• Automotive PKI, V2X Security, SCMS
• Key Management, Key Provisioning, Secure Key Injection
• Hypervisor (Xen, Jailhouse, ACRN), VM separation
• Application sandboxing, Containerization
• SELinux, SEAndroid
• Integrity Measurement Architecture (IMA)
• MPU, MMU, SMMU
• ARM TrustZone
• Cryptography (PKI, TLS)