Product Security Engineer - Operating System

Location: Palo Alto, CA (on-site)

About 1x

We’re an AI and robotics company based in Palo Alto, California, on a mission to build a truly abundant society through general-purpose robots capable of performing any kind of work autonomously.
We believe that to truly understand the world and grow in intelligence, humanoid robots must live and learn alongside us. That’s why we’re focused on developing friendly home robots designed to integrate seamlessly into everyday life.
We’re looking for curious, driven, and passionate people who want to help shape the future of robotics and AI. If this mission excites you, we’d be thrilled to hear from you and explore how you might contribute to our journey.

Role Overview

We are seeking a Product Security Engineer with expertise in operating system security to strengthen the foundation of our robotics platform. In this role, you will design and implement critical security features such as secure boot, trusted execution environments, and system service hardening. You will ensure that sensitive operations and data remain protected while enabling developers to maintain security best practices. This role will directly influence the resilience and trustworthiness of our robotics systems.

Responsibilities

• Develop and maintain secure critical services for Linux system
• Implement secure boot chains from fused hardware keys, ensuring verified OS and data partitions with rollback protection
• Integrate OP-TEE to safeguard sensitive assets such as mTLS certificates and disk encryption keys
• Harden system services using least-privilege operations, systemd features, namespacing, and syscall filtering
• Build hardening templates and automation tools to streamline security boundary enforcement for developers
• Automate security validation processes within CI/CD pipelines
• Design and enforce device access controls for Linux systems

Requirements

• Experience contributing and shipping C/C++ code (or similar) to production
• Strong experience with Linux operating system internals and security mechanisms
• Hands-on expertise with secure boot and verified boot implementations
• Familiarity with Trusted Execution Environments (e.g., OP-TEE or similar)
• Proven track record of applying least-privilege principles and hardening root-level services
• Proficiency with systemd and sandboxing, including namespacing, privilege restrictions, syscall filtering, and other techniques
• Experience designing security tools, automation, and templates for developers
• Knowledge of device access control and Linux permissions management
• Solid understanding of CI/CD integration for security validation
• Experience with NVIDIA Orin or similar SoC platform preferred
• Expertise in software development, including code auditing

Benefits & Compensation

• Salary Range: $175,000 – $187,500
• Health, dental, and vision insurance
• 401(k) with company match
• Paid time off and holidays

Equal Opportunity Employer
1X is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, ancestry, citizenship, age, marital status, medical condition, genetic information, disability, military or veteran status, or any other characteristic protected under applicable federal, state, or local law.