Experience: 10+ years
Location: Noida
Employment Type: Full‑time
Team: Platform / Systems / Security Engineering

Role Summary

We’re looking for a Principal Software Engineer who combines deep systems expertise with security-first design. You will lead architecture and development across Linux kernel, boot loader, and user‑space middleware, building secure, reliable, and performant platforms that power our next-generation [products/platforms]. You’ll set technical direction, elevate engineering standards, mentor senior engineers, and partner with cross-functional stakeholders to deliver high-impact outcomes.

What You’ll Do

• Design and implement security features in boot loader complementing secure boot, measured boot, and chain of trust.
• Design and implement security features in Linux kernel features (e.g., device drivers, filesystems, networking stack, security modules).
• Build and optimize user‑space middleware (e.g., IPC frameworks, OpenSSL, DPDK) leveraging Userspace drivers.
• Implement and integrate security protocols (e.g., TLS 1.3, DTLS, IPsec, SSH,) and hardware-backed key management.
• Drive threat modeling, secure design reviews, and code audits, ensuring compliance with best practices (e.g., ASLR, stack canaries, SELinux/AppArmor policies).
• Lead performance and reliability engineering including profiling, tracing (ftrace, eBPF, perf), memory safety, and resource efficiency.
• Define platform CI/CD for low-level software (artifact signing, SBOMs, reproducible builds, Yocto/Buildroot/DEB/RPM pipelines).
• Mentor and grow engineers, guide technical roadmaps, and make pragmatic build/buy/OSS leverage decisions.
• Collaborate with Design team, IP team, DevOps, product, and QA to meet functional, performance, and certification goals.

Qualifications (Required)

• 10+ years of professional experience in systems/embedded/platform engineering, including technical leadership at team or org scale.
• Expert in C/C++ for systems-level development; nice to have proficiency in Rust for memory‑safe components.
• Demonstrated depth in Linux kernel internals (at least two areas): drivers, MM, scheduler, net, filesystems, security modules (LSMs), eBPF.
• Hands-on boot loader development and customization (U‑Boot, GRUB, secure boot flows, measured boot, boot-time diagnostics).
• Strong knowledge of security protocols and cryptography (TLS/IPsec, X.509/PKI, key exchange, HSM/TPM, secure storage, attestation).
• Experience building user‑space middleware (IPC, service management with systemd, observability/logging, configuration frameworks).
• Proficiency with Linux build systems and distributions for embedded/platform (Yocto/OpenEmbedded, Buildroot) or enterprise (Deb/RPM).
• Proven ownership of architecture/design documents, RFCs, and shipping production-quality platform software.
• Debugging mastery using kernel/user tools (kgdb, crash, perf, ftrace, strace, gdb, BPF tools) on real hardware/virtualized targets.

Nice to Have

• Trusted execution & firmware: ARM TrustZone, OP‑TEE, Intel SGX/TDX, AMD SEV, TF‑A, UEFI, ACPI/Device Tree.
• Virtualization & containers: KVM/QEMU, Kata Containers, cgroups, namespaces; container security (seccomp, SELinux/AppArmor).
• Networking & storage: DPDK, SR-IOV, NVMe, RDMA, io_uring; high‑throughput low‑latency pipeline design.
• Safety/security certifications: FIPS 140‑3 validation, Common Criteria, ISO 27001/21434, AUTOSAR, IEC 62443.
• Secure software supply chain: artifact signing, SBOM (SPDX/CycloneDX), SLSA levels, reproducible builds.
• Scripting/automation: Python, Bash; Bazel/CMake/Meson; advanced CI (GitHub Actions, GitLab, Jenkins, Buildkite).
• Observability: eBPF tracing, LTTng, SystemTap, ETW analogs; production telemetry & fleet operations.
• HW familiarity: SoC bring‑up, board support packages (BSP), JTAG, oscilloscopes, power/thermal profiling.

More information about NXP in India...