Skip logo

Infrastructure Security Engineer

Skip

Posted about 3 hours ago

ABOUT US:

Skip is on a mission to make life joyful through powered movement.

Movement is a powerful way to build physical, mental and social health. Yet it is elusive for 2 billion people due to age, injury, or disability. We are building products that will restore mobility for millions and enable a new frontier of joyful movement experiences. We want to build a future where a grandparent can easily outrun their grandkids and no one is left behind at the trailhead.

Skip is a 24-person early-stage start-up that spun out of Google X in 2023. With deep cross-disciplinary expertise and key partnerships (e.g. with Arc’teryx) we are uniquely positioned to launch the first commercially successful wearable robotic device, the MO/GO, develop a platform to launch future Movewear products and transform millions of lives in the coming years.

THE ROLE:

We are seeking a highly motivated and adaptable engineer to own the infrastructure and security foundation that a fleet of wearable robots depends on. This means hardening our cloud and device infrastructure from the ground up, and building the PKI and device identity systems that let us ship trusted firmware to thousands of MO/GOs in customers' homes -- safely, verifiably, and at scale.

You'll work closely with our backend and firmware engineers as a core member of our small software team. There's no security org above you, no dedicated platform team below you. You'll be writing the playbook.

Some of the specific responsibilities include, but are not limited to:

  • Design and operate Skip's PKI infrastructure -- device certificate provisioning, certificate authority management, key lifecycle management, and revocation -- across our device fleet and cloud services

  • Own device identity and secure boot: ensure every MO/GO that leaves our factory is cryptographically authenticated and that firmware updates can only come from Skip

  • Harden our GCP infrastructure across networking, IAM, secrets management, and data isolation between Dev and Prod environments

  • Build and maintain security tooling for secrets management, vulnerability scanning, dependency auditing, and incident detection

  • Define and implement secure OTA (over-the-air) update pipelines that ensure firmware integrity from signing through delivery to device

  • Automate infrastructure provisioning and security configuration using Terraform and GCP-native tooling

  • Partner with firmware engineers to define embedded security requirements -- secure element usage, TrustZone, attestation -- and ensure cloud-side infrastructure meets them

  • Contribute to compliance readiness as we approach regulated market entry, including audit logging, access controls, and data handling practices

  • Wear prototypes several hours a week to participate in data collection, test new builds, and provide feedback

  • Bring joy to the team, participate in embarrassing team events, tolerate KZ's terrible music choices

Basic Qualifications

  • 6+ years of experience in infrastructure engineering, platform security, or a combined DevSecOps role

  • Hands-on experience designing and operating PKI systems: CA hierarchies, certificate provisioning at scale, key management, and revocation

  • Strong GCP or equivalent cloud infrastructure experience (IAM, VPC, Secret Manager, Cloud KMS, audit logging)

  • Experience with Infrastructure as Code (Terraform or equivalent)

  • Solid understanding of TLS, mTLS, code signing, and secure boot concepts in the context of connected devices or IoT

  • Experience with CI/CD security: signing pipelines, artifact attestation, secrets hygiene

  • Able to operate independently in a fast-paced environment where the security playbook is still being written

  • Ability to relocate to work at the Skip Bay Area office

  • Sense of humour, tolerant of Aussie & Canadian spelling

Bonus Points

  • Experience securing IoT or embedded device fleets at scale, including OTA update security

  • Familiarity with embedded security primitives: secure elements, TrustZone, TPM, or hardware attestation

  • Background in compliance frameworks relevant to connected medical or consumer devices (SOC 2, ISO 27001, FDA cybersecurity guidance)

  • Experience with BLE security and wireless protocol hardening

  • Experience in start-up environments

  • Personal motivation to improve human movement

This is a full time hybrid position working at the Skip office in the Dogpatch neighborhood of San Francisco.

Skip is an equal opportunity employer. Our hiring decisions are based on need and competence to satisfy said need. We do not discriminate on the basis of race, religion, color, gender, sexual orientation, gender identity, age, marital status, veteran status, disability status, or any other legally protected status.

Any and all offers of employment extended by Skip are conditional on candidates’ ability to provide satisfactory proof of eligibility to maintain full-time employment in the United States.

Job details

Workplace

Remote

Location

San Francisco

Similar
Skip logo

Skip

About

Meet the world's first powered clothing designed to help you tackle any elevation with less exertion, muscle fatigue, & joint discomfort. Pre-order today!

Online Presence

Key Team Members

Kunjal Raheja

Kunjal Raheja

Derek St Onge

Derek St Onge

Mohamed Ameer Irshad H.

Mohamed Ameer Irshad H.

Kathryn Zealand

Kathryn Zealand

Jobr Assistant extension

Get the extension →