{"schemaVersion":"jobsearcher.job.v1","id":"db51ae9f7a7f864c5a302d22","url":"https://jobsearcher.com/jobs/db51ae9f7a7f864c5a302d22","canonicalUrl":"https://jobsearcher.com/jobs/db51ae9f7a7f864c5a302d22","title":"Infrastructure Security Engineer","description":"ABOUT US\r\nSkip is on a mission to make life joyful through powered movement.\r\nMovement is a powerful way to build physical, mental and social health. Yet it is elusive for 2 billion people due to age, injury, or disability. We are building products that will restore mobility for millions and enable a new frontier of joyful movement experiences. We want to build a future where a grandparent can easily outrun their grandkids and no one is left behind at the trailhead.\r\nSkip is a 24-person early-stage start-up that spun out of Google X in 2023. With deep cross-disciplinary expertise and key partnerships (e.g. with Arc'teryx) we are uniquely positioned to launch the first commercially successful wearable robotic device, the MO/GO, develop a platform to launch future Movewear products and transform millions of lives in the coming years.\r\nTHE ROLE\r\nWe are seeking a highly motivated and adaptable engineer to own the infrastructure and security foundation that a fleet of wearable robots depends on. This means hardening our cloud and device infrastructure from the ground up, and building the PKI and device identity systems that let us ship trusted firmware to thousands of MO/GOs in customers' homes -- safely, verifiably, and at scale.\r\nYou'll work closely with our backend and firmware engineers as a core member of our small software team. There's no security org above you, no dedicated platform team below you. You'll be writing the playbook.\r\nSome of the specific responsibilities include, but are not limited to:\r\nDesign and operate Skip's PKI infrastructure -- device certificate provisioning, certificate authority management, key lifecycle management, and revocation -- across our device fleet and cloud services\r\nOwn device identity and secure boot: ensure every MO/GO that leaves our factory is cryptographically authenticated and that firmware updates can only come from Skip\r\nHarden our GCP infrastructure across networking, IAM, secrets management, and data isolation between Dev and Prod environments\r\nBuild and maintain security tooling for secrets management, vulnerability scanning, dependency auditing, and incident detection\r\nDefine and implement secure OTA (over-the-air) update pipelines that ensure firmware integrity from signing through delivery to device\r\nAutomate infrastructure provisioning and security configuration using Terraform and GCP-native tooling\r\nPartner with firmware engineers to define embedded security requirements -- secure element usage, TrustZone, attestation -- and ensure cloud-side infrastructure meets them\r\nContribute to compliance readiness as we approach regulated market entry, including audit logging, access controls, and data handling practices\r\nWear prototypes several hours a week to participate in data collection, test new builds, and provide feedback\r\nBring joy to the team, participate in embarrassing team events, tolerate KZ's terrible music choices\r\nBasic Qualifications\r\n6+ years of experience in infrastructure engineering, platform security, or a combined DevSecOps role\r\nHands-on experience designing and operating PKI systems: CA hierarchies, certificate provisioning at scale, key management, and revocation\r\nStrong GCP or equivalent cloud infrastructure experience (IAM, VPC, Secret Manager, Cloud KMS, audit logging)\r\nExperience with Infrastructure as Code (Terraform or equivalent)\r\nSolid understanding of TLS, mTLS, code signing, and secure boot concepts in the context of connected devices or IoT\r\nExperience with CI/CD security: signing pipelines, artifact attestation, secrets hygiene\r\nAble to operate independently in a fast-paced environment where the security playbook is still being written\r\nAbility to relocate to work at the Skip Bay Area office\r\nSense of humour, tolerant of Aussie & Canadian spelling\r\nBonus Points\r\nExperience securing IoT or embedded device fleets at scale, including OTA update security\r\nFamiliarity with embedded security primitives: secure elements, TrustZone, TPM, or hardware attestation\r\nBackground in compliance frameworks relevant to connected medical or consumer devices (SOC 2, ISO 27001, FDA cybersecurity guidance)\r\nExperience with BLE security and wireless protocol hardening\r\nExperience in start-up environments\r\nPersonal motivation to improve human movement\r\nThis is a full time hybrid position working at the Skip office in the Dogpatch neighborhood of San Francisco.\r\nSkip is an equal opportunity employer. Our hiring decisions are based on need and competence to satisfy said need. We do not discriminate on the basis of race, religion, color, gender, sexual orientation, gender identity, age, marital status, veteran status, disability status, or any other legally protected status.\r\nAny and all offers of employment extended by Skip are conditional on candidates' ability to provide satisfactory proof of eligibility to maintain full-time employment in the United States.\r\nJ-18808-Ljbffr","company":"Skip","rawCompany":"skip","city":"Millbrae","state":"CA","isRemote":false,"isActive":true,"createdAt":"2026-07-04T03:22:31.616Z","occupations":[{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"},{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"15-1212.00","title":"Information Security Analysts","slug":"information-security-analysts"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Infrastructure Security Engineer","description":"ABOUT US\r\nSkip is on a mission to make life joyful through powered movement.\r\nMovement is a powerful way to build physical, mental and social health. Yet it is elusive for 2 billion people due to age, injury, or disability. We are building products that will restore mobility for millions and enable a new frontier of joyful movement experiences. We want to build a future where a grandparent can easily outrun their grandkids and no one is left behind at the trailhead.\r\nSkip is a 24-person early-stage start-up that spun out of Google X in 2023. With deep cross-disciplinary expertise and key partnerships (e.g. with Arc'teryx) we are uniquely positioned to launch the first commercially successful wearable robotic device, the MO/GO, develop a platform to launch future Movewear products and transform millions of lives in the coming years.\r\nTHE ROLE\r\nWe are seeking a highly motivated and adaptable engineer to own the infrastructure and security foundation that a fleet of wearable robots depends on. This means hardening our cloud and device infrastructure from the ground up, and building the PKI and device identity systems that let us ship trusted firmware to thousands of MO/GOs in customers' homes -- safely, verifiably, and at scale.\r\nYou'll work closely with our backend and firmware engineers as a core member of our small software team. There's no security org above you, no dedicated platform team below you. You'll be writing the playbook.\r\nSome of the specific responsibilities include, but are not limited to:\r\nDesign and operate Skip's PKI infrastructure -- device certificate provisioning, certificate authority management, key lifecycle management, and revocation -- across our device fleet and cloud services\r\nOwn device identity and secure boot: ensure every MO/GO that leaves our factory is cryptographically authenticated and that firmware updates can only come from Skip\r\nHarden our GCP infrastructure across networking, IAM, secrets management, and data isolation between Dev and Prod environments\r\nBuild and maintain security tooling for secrets management, vulnerability scanning, dependency auditing, and incident detection\r\nDefine and implement secure OTA (over-the-air) update pipelines that ensure firmware integrity from signing through delivery to device\r\nAutomate infrastructure provisioning and security configuration using Terraform and GCP-native tooling\r\nPartner with firmware engineers to define embedded security requirements -- secure element usage, TrustZone, attestation -- and ensure cloud-side infrastructure meets them\r\nContribute to compliance readiness as we approach regulated market entry, including audit logging, access controls, and data handling practices\r\nWear prototypes several hours a week to participate in data collection, test new builds, and provide feedback\r\nBring joy to the team, participate in embarrassing team events, tolerate KZ's terrible music choices\r\nBasic Qualifications\r\n6+ years of experience in infrastructure engineering, platform security, or a combined DevSecOps role\r\nHands-on experience designing and operating PKI systems: CA hierarchies, certificate provisioning at scale, key management, and revocation\r\nStrong GCP or equivalent cloud infrastructure experience (IAM, VPC, Secret Manager, Cloud KMS, audit logging)\r\nExperience with Infrastructure as Code (Terraform or equivalent)\r\nSolid understanding of TLS, mTLS, code signing, and secure boot concepts in the context of connected devices or IoT\r\nExperience with CI/CD security: signing pipelines, artifact attestation, secrets hygiene\r\nAble to operate independently in a fast-paced environment where the security playbook is still being written\r\nAbility to relocate to work at the Skip Bay Area office\r\nSense of humour, tolerant of Aussie & Canadian spelling\r\nBonus Points\r\nExperience securing IoT or embedded device fleets at scale, including OTA update security\r\nFamiliarity with embedded security primitives: secure elements, TrustZone, TPM, or hardware attestation\r\nBackground in compliance frameworks relevant to connected medical or consumer devices (SOC 2, ISO 27001, FDA cybersecurity guidance)\r\nExperience with BLE security and wireless protocol hardening\r\nExperience in start-up environments\r\nPersonal motivation to improve human movement\r\nThis is a full time hybrid position working at the Skip office in the Dogpatch neighborhood of San Francisco.\r\nSkip is an equal opportunity employer. Our hiring decisions are based on need and competence to satisfy said need. We do not discriminate on the basis of race, religion, color, gender, sexual orientation, gender identity, age, marital status, veteran status, disability status, or any other legally protected status.\r\nAny and all offers of employment extended by Skip are conditional on candidates' ability to provide satisfactory proof of eligibility to maintain full-time employment in the United States.\r\nJ-18808-Ljbffr","datePosted":"2026-07-04T03:22:31.616Z","dateModified":"2026-07-04T03:22:31.616Z","hiringOrganization":{"@type":"Organization","name":"Skip","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Millbrae","addressRegion":"CA","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"db51ae9f7a7f864c5a302d22"},"url":"https://jobsearcher.com/jobs/db51ae9f7a7f864c5a302d22"}}