Senior Offensive Security Engineer

The Role:

Openchip is building new RISC-V chips with security at heart, enabling safer and more privacy-respectful execution of data processing workloads like AI models. As a Senior Offensive Security Engineer, you will help to ensure that our software and systems are designed and implemented to the highest security standards. You will perform technical security assessments, code reviews and vulnerability testing to highlight risk, helping Open Chip teams and partners to improve security, and work on a wide variety of software designs and technology stacks..

Key responsibilities:

• Identify Vulnerabilities: Discover security flaws before they can be exploited, using offensive security techniques across the full software and firmware stack.

• Threat Modeling: Development of comprehensive threat models covering all targeted usages and deployments of Openchip SW Stack.

• Security Documentation: create and maintain high-quality security guidance documentation, including best practices, design recommendations, and threat mitigation strategies.

• Security Standards Compliance: Drive the alignment of OpenChip products with industry-recognized security standards (e.g., FIPS 140-3, NIST SP , ISO/IEC

• Advanced Security Research, Conduct deep technical investigations in areas such as:

• Microarchitectural security (e.g., side-channel attacks)

• Cryptographic weaknesses - Fuzzing and reverse engineering

• Code and architecture-level security reviews

• Logic and memory vulnerabilities (e.g., kernel/firmware privilege escalation)

• Interact with colleagues across projects to unblock issues, or to reach consensus on technical topics.

In particular:

• Collaborate with colleagues through code reviews, bug triaging, design documents,...

• Contribute to shared team responsibilities (CI failure triaging, documentation, code fixits, rotations...).

• Work with validation teams on required test cases, coverage, and methodologies to ensure robust security verification.

• Work with support Quality team by delivering security guidelines and best practices for implementing a secure development lifecycle (SDL).

• Work with hardware teams, providing requirements for security and influencing hardware/software co-design.

Required qualifications:

• Bachelor or Master's degree in a relevant field.

• Experience in the relevant field (5-10yr).

• Experience with standard tools for source control (git), continuous integration, task management (Jira).

• Solid knowledge about computer architecture (CPU, cache and memory hierarchy, buses,...).

• Knowledge about at least two of the following areas:

• Microarchitectural security(side channel attacks, fault injection)

• Platform security features (kernel/firmware hardening, CHERI, CFI, pointer tagging, virtualization-based security, IOMMU).

• Cryptograpy usage across networks (certificates, signatures, TLS/SSL, PK, remote attestation).

• Boot integrity technologies (UEFI Secure Boot, measured boot, TPM). - Cryptography, including experience with cryptography libraries (OpenSSL, libssl, wolfssl, mbedtls, libsodium).

Soft skills:

• Team player: communicative and collaborative person who focuses on the outcome of the team above the individual needs.

• Curious about learning new technologies/stacks.

– Capable of within- and cross-team collaboration at the technical level.

• Can-do attitude, proactive and willing to step up and resolve any obstacle. Self-aware, self-starter, and self-motivated.

Preferred qualifications:

• Experience designing for relevant security standards (TCG, IEEE, NIST, FIPS, PCI, ISO 28000 series)

• Experience designing for crypto security (e.g. certificate handling and PKI, attestation, TPM/HSM)

• Expert knowledge of common security-relevant protocols (e.g. SSH, TLS, DNS, DHCP, NTP, ICMP)

• Expert knowledge of Linux, and hypervisor security

• Experience with open source software development. In particular, engagement with OpenSSF or other Open Source security organizations, and/or history of contributions to Open Source projects.

What We Offer?

• The opportunity to build a cloud AI deployment platform that will power next generation AI systems.
• A collaborative, innovation-driven environment with significant autonomy and ownership.
• Hybrid work model with flexible scheduling.
• A chance to join one of Europe's most ambitious companies at the intersection of AI and silicon engineering.
• Position based in Barcelona, Spain.

We're looking for exceptional engineers ready to shape the future of AI infrastructure. If building scalable, cloud-native AI deployment platforms excites you, we'd love to meet you.

At Openchip & Software Technologies S.L., we believe a diverse and inclusive team is the key to groundbreaking ideas. We foster a work environment where everyone feels valued, respected, and empowered to reach their full potential—regardless of race, gender, ethnicity, sexual orientation, or gender identity.