Castelion Corporation
Senior Software Security Engineer
Remote Software Security Engineering role with clear candidate location fit.
PostedJul 5, 2026
Eligible countries1 accepted country
Seniority signalSenior
Work settingRemote
Accepted candidate locations
USA
Role overview
Senior Software Security Engineer
Requirements and responsibilities
Readable role content extracted into sections for faster review.
Responsibilities
- Secure Boot & Root of Trust: Design and implement secure boot chains, hardware-backed root of trust mechanisms, and firmware verification processes for embedded flight systems.
- Cryptography & Encryption: Develop and integrate cryptographic protocols and libraries (e.g., symmetric/asymmetric encryption, key exchange, digital signatures) for embedded and distributed systems.
- Code Signing & Update Security: Own software signing infrastructure and verification workflows to ensure authenticity and integrity of firmware, flight software, and field updates.
- Key Management & Provisioning: Design secure key generation, storage, rotation, and provisioning systems across development, manufacturing, and deployed environments.
- Secure Communications: Implement and review authenticated and encrypted communication channels between vehicle, ground systems, and internal subsystems.
- Threat Modeling & Hardening: Conduct threat modeling and security reviews across the software stack. Identify vulnerabilities and implement practical mitigations aligned with mission constraints.
- Cross-Functional Integration: Partner with embedded, avionics, hardware, and infrastructure teams to embed security principles into system architecture from initial design through deployment.
Basic Qualifications
- Bachelors degree in Computer Science, Computer Engineering, Electrical Engineering, or related STEM field
- 3+ years of professional experience in software engineering with exposure to applied cryptography or security engineering
- Experience implementing encryption, authentication, or digital signature systems in C, C++, Rust, or similar systems languages
- Strong understanding of cryptographic fundamentals (PKI, TLS, key exchange, hashing, signatures)
- Experience working in Linux-based or embedded environments
Preferred Skills and Experience
- Experience implementing secure boot or hardware root-of-trust mechanisms
- Experience with code signing pipelines and artifact verification
- Familiarity with TPMs, HSMs, or secure elements
- Experience in embedded, aerospace, defense, or other safety-critical systems
- Experience designing secure provisioning workflows in manufacturing environments
- Understanding of real-time systems and resource-constrained devices
- Experience with mTLS, certificate lifecycle management, and replay protection mechanisms
Leadership Qualities
- Bias to Action and Creative Problem Solving. Desire and experience questioning assumptions in ways that lead to break through ideas that are ultimately implemented. Successfully bring in applicable processes/concepts/materials from other industries to achieve efficiency gains. Ability to personally resolve minor issues in development without requiring significant support.
- High Commitment, High Initiative. A successful candidate will have a genuine passion for Castelion's mission and consistently look for ways to contribute to the company's technical goals and prevent hardware blockers. Ability to work in a fast paced, autonomously driven, and demanding atmosphere. Strong sense of accountability and integrity.
- Clear Communicator. Proactively communicates blockers. Trusted in previous roles to be voice of company with regulators, suppliers, gate keepers and customers. Capable of tactfully managing relationships with stakeholders to achieve company-desired outcomes without compromising relationships. Emails, IMs and verbal interactions are logical, drive clarity, and detailed enough to eliminate ambiguity.
ITAR Requirements
- To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State.
Similar roles
Keep a backup shortlist.
Stack
Use these tags to compare similar remote roles.
Location eligibility
Candidates should apply only when their profile country is listed here.
Your profileCountry not setSign in to check your country against this role.
Hiring flow
WithMira shows the role, then sends candidates to the company application.
1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.