Product Security Engineer, Operating System

Product Security Engineer, Operating System

Join to apply for the Product Security Engineer, Operating System role at 1X

We’re an AI and robotics company based in Palo Alto, California, on a mission to build a truly abundant society through general‑purpose robots capable of performing any kind of work autonomously. We believe that to truly understand the world and grow in intelligence, humanoid robots must live and learn alongside us. That’s why we’re focused on developing friendly home robots designed to integrate seamlessly into everyday life.

We’re looking for curious, driven, and passionate people who want to help shape the future of robotics and AI. If this mission excites you, we’d be thrilled to hear from you and explore how you might contribute to our journey.

We are seeking a Product Security Engineer with expertise in operating system security to strengthen the foundation of our robotics platform. In this role, you will design and implement critical security features such as secure boot, trusted execution environments, and system service hardening. You will ensure that sensitive operations and data remain protected while enabling developers to maintain security best practices.

This role will directly influence the resilience and trustworthiness of our robotics systems.

• Develop and maintain secure critical services for Linux system
• Implement secure boot chains from fused hardware keys, ensuring verified OS and data partitions with rollback protection
• Integrate OP-TEE to safeguard sensitive assets such as mTLS certificates and disk encryption keys
• Harden system services using least‑privilege operations, systemd features, namespacing, and syscall filtering
• Build hardening templates and automation tools to streamline security boundary enforcement for developers
• Automate security validation processes within CI/CD pipelines
• Design and enforce device access controls for Linux systems

• Experience contributing and shipping C/C++ code (or similar) to production
• Strong experience with Linux operating system internals and security mechanisms
• Hands‑on expertise with secure boot and verified boot implementations
• Familiarity with Trusted Execution Environments (e.g., OP-TEE or similar)
• Proven track record of applying least‑privilege principles and hardening root‑level services
• Proficiency with system and sandboxing, including namespacing, privilege restrictions, syscall filtering, and other techniques
• Experience designing security tools, automation, and templates for developers
• Knowledge of device access control and Linux permissions management
• Solid understanding of CI/CD integration for security validation
• Experience with NVIDIA Orin or similar SoC platform preferred

Employer1X is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, ancestry, citizenship, age, marital status, medical condition, genetic information, disability, military or veteran status, or any other characteristic protected under applicable federal, state, or local law.