On site: This role is on site 4 days per week
Security Clearance: Sole British-born citizenship
Secure Boot & SoC Integration
Experience with Arm Cortex-M/A SoCs, secure boot chains (TF-M, MCUboot), device tree configuration, and hardware bring-up for mission-critical platforms.
Key Skills
* TF-M integration: Building secure/non-secure images, configuring partitions, enabling PSA services.
* MCUboot: Understanding slot layout, signature verification, serial recovery.
* U-Boot/FreeRTOS familiarity: Knowledge of device trees and bootloaders (U-Boot, TF-A) to support future expansion plans.
* Security fundamentals: Public key infrastructure, image signing, secure provisioning.
* Debug tools: JTAG/SWD (SEGGER J-Link), CubeProgrammer, and familiarity with OTP fuses and debug lock.
Core Profile
* Embedded Systems Engineer (Secure Boot & SoC Integration)
* Focused on Arm-based SoCs, with experience in:
  * Boot chains (ROM → FSBL → TF-M/MCUboot → application)
  * Secure boot concepts (chain of trust, key provisioning, anti-rollback)
  * Arm TrustZone for Cortex-M (SAU/IDAU configuration)
  * Device tree configuration for complex SoCs (MPUs with multiple cores)
  * Flash partitioning and update mechanisms (MCUboot, PSA FWU)
  * Low-level bring-up (clocks, memory controllers, OctoSPI/NOR, UART)
Experience Indicators
* Worked on STM32MP1/MP2, NXP i.MX, or similar SoCs.
* Delivered secure boot implementations for aerospace/defence or IoT platforms.
* Comfortable with bare-metal and RTOS environments, but also understands SoC complexity (firewalls, TrustZone, multiple cores).