Hardware Engineer
Job Description
A satellite communications business in Dubai is hiring a Cryptography Engineer to build and harden secure comms for real-world, mission-critical systems. If you’ve shipped crypto into constrained environments (embedded / RF / satcom / defence-grade networks) and you care about doing it properly — threat models, key management, secure boot, the lot — this one’s for you.
- 8–12 years in security/cryptography engineering, with 3–5 years specifically owning crypto designs in production systems
- Background in satcom / aerospace / defence / telecoms / embedded security (one of these), comfortable in high-assurance environments
- Mix of hands-on implementation + architecture: can write code, review code, and defend design decisions in front of auditors and engineering leadership
Core experience (must-have)
- Cryptographic engineering (real implementation, not theory-only):
- Encryption, signing, integrity, authentication, secure session establishment
- Practical use of modern primitives (e.g., AES-GCM/ChaCha20-Poly1305, Ed25519/ECDSA, X25519/ECDH, HKDF, SHA-2/3)
- Key management end-to-end:
- Key generation, rotation, revocation, backup/recovery, secure provisioning at scale
- Experience with HSM / TPM / secure element / cloud KMS patterns
- Secure systems design:
- Threat modelling (STRIDE or equivalent), security requirements, misuse cases
- Secure boot, firmware signing, device identity, attestation (strong preference)
- Engineering discipline:
- Builds testable crypto modules, fuzzing/property tests where appropriate
- Clear documentation for protocols, key lifecycle, and operational runbooks
Satcom / constrained environment relevance (strong preference)
- Has shipped security into constrained or high-latency networks:
- Embedded Linux / RTOS / firmware constraints
- Bandwidth/latency trade-offs, intermittent connectivity, link-layer realities
- Familiar with secure comms concepts relevant to satcom:
- Link encryption vs end-to-end encryption
- OTA updates with signed payloads, secure provisioning, device fleet management
Tech stack (typical)
- Languages: C/C++, Rust, Go, or Python (at least one “systems” language strongly)
- Crypto libraries: OpenSSL/BoringSSL, libsodium, mbedTLS, wolfSSL (or equivalent)
- Tooling: Git, CI/CD, static analysis, SAST/DAST basics, fuzzing (AFL/libFuzzer), packet analysis (Wireshark)
- Platforms: Embedded Linux, Yocto, ARM, secure enclaves/TPM integrations (bonus)
Soft skills / working style
- Calm, methodical, and opinionated in the right way (knows what “good” looks like)
- Can translate crypto risk into business impact without fear-mongering
- Works well with RF/firmware/platform teams; doesn’t operate as a siloed “security gate”
- Comfortable being the owner when something goes wrong (incident mindset, root cause, remediation)
- AED 55k: strong crypto engineer with relevant embedded/telecom exposure, growing into satcom ownership
- AED 70k: proven owner of crypto architecture in regulated/high-assurance systems, shipped at scale, strong key management + device security background
Responsibilities Duties:
What you’ll do
- Design and implement cryptographic protocols for secure satellite communications (data-in-transit + data-at-rest)
- Build and maintain key management approaches (generation, rotation, storage, revocation) across devices and services
- Work on secure authentication, encryption, signing, and integrity for links and payloads
- Threat model systems end-to-end and partner with engineering teams to close real vulnerabilities (not theoretical ones)
- Support security reviews, audits, and pen-test remediation with clear technical ownership
- Document designs so they’re maintainable, testable, and defensible
What we’re looking for
- Strong hands-on cryptography engineering experience (not just security generalist work)
- Solid understanding of modern crypto primitives and when to use them (and when not to)
- Experience with secure key storage (HSMs, TPMs, secure elements, KMS) and practical key lifecycle management
- Comfortable working close to the metal when needed (embedded, firmware, constrained compute, performance trade-offs)
- Ability to explain crypto decisions clearly to non-crypto engineers and leadership
Nice to have (not required)
- Satcom, RF, aerospace/defence, or high-assurance environments
- Experience with secure boot, attestation, hardware-backed identity
- Familiarity with compliance/security standards used in regulated environments
- Experience building secure protocols or contributing to security-critical libraries
Why this role
- Dubai-based satcom environment with real technical problems and real-world constraints
- High ownership: you’ll shape security architecture, not just review it
- Competitive package: AED 55k–70k/month depending on depth and relevance