About Us:

At Calfus, we are known for delivering cutting-edge AI agents and products that transform businesses in ways previously unimaginable. We empower companies to harness the full potential of AI, unlocking opportunities they never imagined possible before the AI era. Our software engineering teams are highly valued by customers, whether start-ups or established enterprises, because we consistently deliver solutions that drive revenue growth. Our ERP solution teams have successfully implemented cloud solutions and developed tools that seamlessly integrate with ERP systems, reducing manual work so teams can focus on high-impact tasks.

None of this would be possible without talent like you! Our global teams thrive on collaboration, and we’re actively looking for skilled professionals to strengthen our in-house expertise and help us deliver exceptional AI, software engineering, and solutions using enterprise applications.

As one of the fastest-growing companies in our industry, we take pride in fostering a culture of innovation where new ideas are always welcomed—without hesitation. We are driven and expect the same dedication from our team members. Our speed, agility, and dedication set us apart, and we perform best when surrounded by high-energy, driven individuals.

To continue our rapid growth and deliver an even greater impact, we invite you to apply for our open positions and become part of our journey!

About the role:

We are seeking a talented DevSecOps Engineer who will be responsible for ensuring that security is integrated into every part of our DevOps process. You will work closely with development and operations teams to automate, monitor, and optimize security across our development pipeline, cloud infrastructure, and deployment processes. This is a critical role to ensure that our products are secure by design and are compliant with industry standards.

What You’ll Do:

1. Security & Compliance

• Strong knowledge of security best practices in hardware and embedded systems.

• Experience with firmware security, secure boot, and TPM (Trusted Platform Module).

• Proficiency in threat modelling and risk assessment for hardware-based environments.

• Understanding of Zero Trust Architecture (ZTA) and network segmentation for IoT and embedded systems.

• Experience with secure coding practices for low-level programming (C/C++, Rust).

• Knowledge of security frameworks such as NIST, ISO 27001, CIS Benchmarks, and OWASP Firmware Security.

• Experience with HSM (Hardware Security Modules), cryptographic libraries (OpenSSL, BoringSSL), and secure key management.

2. Infrastructure & Automation

• Strong experience with Infrastructure as Code (IaC) tools like Terraform, Ansible, and CloudFormation.

• Hands-on experience with CI/CD pipelines (Jenkins, GitLab CI/CD, GitHub Actions, ArgoCD) for firmware and embedded software releases.

• Knowledge of automated security testing tools (e.g., SAST, DAST, fuzzing tools for firmware).

• Experience with container security (Docker security, Kubernetes security best practices).

• Proficiency in log management & SIEM (Splunk, ELK Stack, Graylog).

3. Hardware & Embedded Systems Security

• Understanding of hardware attack vectors (e.g., side-channel attacks, JTAG debugging vulnerabilities, bootloader exploits).

• Experience with reverse engineering hardware and firmware analysis using tools like Ghidra, IDA Pro, or Radare2.

• Knowledge of secure firmware development (e.g., Yocto, Buildroot, UEFI security).

• Familiarity with embedded OS security (e.g., Linux, RTOS, QNX, FreeRTOS).

• Hands-on experience with chipset security (ARM TrustZone, Intel SGX, AMD SEV).

4. Networking & Cloud Security

• Strong understanding of network protocols (TCP/IP, MQTT, CoAP) and their security implications for embedded devices.

• Experience with VPNs, TLS, and IPSec for securing hardware communications.

• Knowledge of cloud security for IoT platforms (AWS IoT, Azure IoT Hub, Google IoT Core).

• Familiarity with IoT security frameworks (e.g., ETSI EN 303 645, IoT Security Foundation).

5. Monitoring, Incident Response & Forensics

• Experience with SIEM tools for real-time threat detection in hardware environments.

• Knowledge of endpoint detection and response (EDR) solutions for embedded devices.

• Familiarity with memory forensics and firmware anomaly detection.

• Experience conducting post-mortem security analysis after breaches in IoT/hardware products.

6. Programming & Scripting

• Proficiency in scripting for automation and security hardening (Python, Bash, PowerShell).

• Strong knowledge of C/C++ and Rust for firmware security audits and patching vulnerabilities.

• Experience with kernel debugging tools (GDB, LLDB) and debugging secure boot issues.

7. Compliance & Regulatory Knowledge

• Familiarity with hardware security standards (e.g., FIPS 140-2/140-3, Common Criteria, TCG standards).

• Experience with GDPR, HIPAA, and CCPA compliance for data security in embedded systems.

• Understanding of safety-critical certifications (e.g., ISO 26262 for automotive, IEC 62443 for industrial IoT).