The Role

As part of the Embedded Software team building the foundational software stack for the Cerebras Wafer-Scale Engine (WSE), this role sits at the heart of one of the most advanced computing systems in the world. The WSE powers breakthrough AI compute, and the embedded software you’ll help secure touches everything from low-level microcontrollers and wafer-scale monitoring logic to system administration services and CPU-level Linux/BSP components. As we scale our systems to new levels of performance and deployment, strengthening our security posture is a critical part of ensuring reliability, safety, and trust in Cerebras technology.

In this role, you will define, design, and own the embedded security domain end-to-end. You will architect mechanisms such as secure boot and Root-of-Trust, drive secure firmware development practices, and collaborate across security, operations, and manufacturing to ensure seamless deployment. This is a highly impactful senior position for an engineer who wants to combine deep systems expertise with strategic security ownership—your work will directly shape the security of next generation wafer scale systems.

Responsibilities

• Design and implement embedded security strategies for the Cerebras WSE platform, including secure boot, firmware authentication, and Root of Trust infrastructure.

• Maintain and enhance repositories such as Linux kernel, U-Boot, and CPU related BSP components.

• Partner closely with the Security Engineering team to define requirements, threat models, and the scope of work.

• Coordinate with Manufacturing and Operations to design deployment strategies, secure pipelines, and system provisioning workflows.

• Support general embedded development for microcontrollers and Linux level applications involved in monitoring and controlling the WSE.

• Drive best practices in secure coding, vulnerability mitigation, and long-term maintainability for embedded software components.

• Participate in code reviews, system design, and cross functional architectural discussions.

Skills & Qualifications

Minimum Qualifications

• Bachelor’s degree in computer engineering, Electrical Engineering, Computer Science, or related field.

• 5+ years of experience in embedded systems development (C/C++), firmware, or BSP-level work.

• Hands-on experience with embedded Linux, U-Boot, kernel configuration, or low-level driver development.

• Proficiency with secure boot concepts, cryptographic primitives for firmware security, and hardware/software root-of-trust mechanisms.

• Familiarity with microcontroller development, RTOS environments, or SoC/CPU boot flows.

• Ability to drive projects end-to-end with cross-functional teams (security, manufacturing, operations, hardware).

• Strong debugging skills with tools such as JTAG, logic analyzers, or serial consoles.

Preferred Qualifications

• Master’s degree in computer engineering, Electrical Engineering, Computer Science, or related field.

• Experience working with NXP or ARM-based SoCs, particularly around secure boot (HAB, AHAB) and related hardware security modules.

• Prior ownership of embedded security architecture for a product or platform.

• Experience with large distributed systems or datacenter deployment environments.

• Experience working with source control, build systems, and CI/CD pipelines for firmware or Linux distributions.

• Knowledge of vulnerability assessment, threat modeling, or secure firmware lifecycle processes.

The base salary range for this position is $175,000 to $275,000 annually. Actual compensation may include bonus and equity, and will be determined based on factors such as experience, skills, and qualifications.