Lead Software Engineer, Device Security - IQ
Listed on 2026-03-01
-
IT/Tech
Cybersecurity
Who We Are
HP IQ is HP’s new AI innovation lab. Combining startup agility with HP’s global scale, we’re building intelligent technologies that redefine how the world works, creates, and collaborates.
We’re assembling a diverse, world‑class team—engineers, designers, researchers, and product minds—focused on creating an intelligent ecosystem across HP’s portfolio. Together, we’re developing intuitive, adaptive solutions that spark creativity, boost productivity, and make collaboration seamless.
We create breakthrough solutions that make complex tasks feel effortless, teamwork more natural, and ideas more impactful—always with a human‑centric mindset. By embedding AI advancements into every HP product and service, we’re expanding what’s possible for individuals, organisations, and the future of work. Join us as we reinvent work, so people everywhere can do their best work.
AboutThe Role
As a Lead Software Engineer specializing in Device Security, you will play a key role in helping HP IQ lead the industry in advancing the security of AI devices, and empowering business and users with control of their privacy and personal data in the quickly evolving AI‑driven world. Privacy and security are table stakes at HP IQ, and absolutely integral to our success as a dynamic company with a deep commitment to product.
You will own projects through their entire life cycle, building secure systems for our innovative devices by threat modeling, designing secure architectures, and implementing them. This role focuses on designing and implementing solutions across the entire software stack of embedded systems, PCs, and server‑class workstations. This includes the way they interface with the outside world, in a way that provides joyful user experiences without compromising privacy & security.
The technology that you will create will maintain and strengthen the trust that HP IQ promises to our customers.
- Lead the design and implementation of embedded device security architecture from the ground up, using industry‑standard cryptography practices for secure key management, hardware secure boot, PKI, and efficient data encryption.
- Collaborate cross‑functionally with the CoreOS, Firmware, Design, and Cloud Services teams to create robust security features.
- Develop custom Trust Zone or native kernel applications to enhance hardware‑backed identity solutions and data protection.
- Work on high‑profile projects, such as secure channels between devices, protecting personal data, and automatic theft detection, requiring secure and efficient data handling.
- Interface with biometric sensors to create secure channels for data flow inside and outside device boundaries.
- Assist in vulnerability management and apply secure SDLC practices across the company.
- 6+ years of experience in secure programming in embedded systems, AOSP, or Windows environments, primarily in C, C++, or Java.
- Strong understanding of general embedded systems security concepts, including establishing roots of trust, secure boot, cryptography, PKI, or application sandboxing.
- Experience in firmware security, OS‑level security, or network security.
- Demonstrated ability to architect and lead multi‑disciplinary projects from concept to deployment.
- Experience in designing secure interfaces with biometric sensors, custom PKI handling, or factory flow processes.
- Ability to work closely with cross‑functional teams to assess attack surface and threat models across many different features.
- Deep understanding (or deep desire to learn) of cryptography, security, and privacy theory and practices.
- Background in embedded systems like consumer electronics, IoT, medical, or payment devices or systems.
- Experience with AOSP and Linux security, including Trust Zone, TEE, AVB, Keystore, and SELinux.
- Experience with privacy compliance standards such as GDPR, CCPA, HIPAA, or ISO.
Salary: $216,000 - $288,000
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).