Network & Security Engineer

· Berlin, Germany · Full-time

Role Overview:

We are looking for a Network & Security Engineer to lead the design and implementation of secure, low-latency communications for our stationary, ground-based counter-drone systems. You’ll build and harden the networking infrastructure that connects our edge computing platforms, sensors, and turrets, while protecting against adversarial threats like spoofing, jamming, and remote intrusion.

This is a hands-on, foundational role at a pre-seed startup, ideal for someone who thrives at the intersection of real-time robotics, embedded systems, and cybersecurity. You’ll be responsible for both the network architecture and security posture of our entire system—from firmware signing and secure boot to LTE uplinks and encrypted ROS 2 communication.

Key Responsibilities

  • Design the system-wide network architecture, including:
    • Low-latency communication between stationary turrets, edge compute nodes, and centralized controllers.
    • Secure remote connectivity over LTE/5G uplinks for monitoring, maintenance, and OTA updates.
    • Reliable, encrypted communication for ROS 2 / DDS-based real-time messaging and telemetry.
  • Implement robust cybersecurity mechanisms, such as:
    • Secure boot, firmware signing, and trusted platform module (TPM) integration.
    • Encryption of data at rest and in transit (TLS, VPNs, secure ROS 2).
    • Role-based access control, key management, and system authentication for local and remote operations.
  • Defend against adversarial threats in the field:
    • Design and implement defenses against RF spoofing, jamming, and man-in-the-middle attacks.
    • Monitor for anomalies and intrusions in system-level communications.
    • Ensure real-time systems maintain integrity even under active threat conditions.
  • Establish secure OTA (Over-the-Air) update pipelines, ensuring safe and authenticated software deployments with rollback support.
  • Harden embedded systems by:
    • Locking down Linux configurations (AppArmor, iptables, user restrictions).
    • Limiting attack surfaces across firmware, network interfaces, and public endpoints.
    • Enabling system auditing, logging, and alerting for critical events.
  • Integrate and test all network and security features across prototype and production hardware.
    • Tune network performance for minimal latency and deterministic communication between nodes.
    • Validate security assumptions in both simulation and field environments.
  • Act as the security lead on the team:
    • Perform threat modeling and risk assessments.
    • Define best practices for internal development and deployment.
    • Lead incident response planning and root-cause analysis for security-related issues.

Required Qualifications

  • Strong networking experience, including:
    • TCP/UDP, VPNs, IP routing, firewalls, and VLANs.
    • Experience with DDS/RTPS middleware, ideally within the ROS 2 ecosystem.
    • LTE/5G network integration and optimization for edge systems.
  • Embedded systems and device-level security expertise:
    • Hands-on experience with secure boot, firmware signing, and TPM/HSM.
    • Understanding of zero-trust architectures, public key infrastructure, and secure provisioning.
    • Familiarity with common attack vectors in robotics and IoT deployments.
  • C++ and/or Python programming skills:
    • Experience developing secure network services or implementing secure communication protocols.
    • Ability to modify and secure existing ROS 2 nodes or middleware.
  • Linux system-level knowledge:
    • Hardened Linux builds (e.g. with AppArmor, SELinux, iptables).
    • Comfort working with system logs, monitoring tools, and embedded Linux environments (e.g., Yocto, Buildroot).
  • Experience with security in adversarial or mission-critical systems, such as defense, aerospace, or autonomous vehicles.

Preferred Qualifications

  • Familiarity with real-time and low-latency systems, and how to secure them without breaking timing guarantees.
  • Experience with OTA update systems, such as Mender, RAUC, or custom secure update frameworks.
  • Knowledge of RF security or SDR tools for detecting spoofing or jamming.
  • Prior use of SROS 2 or other ROS 2 security tools (e.g., DDS Security plugins).
  • Understanding of cybersecurity frameworks like NIST 800-53, CMMC, or ITAR/NDAA compliance.
  • Experience working in an early-stage startup or R&D-heavy environment.
  • Prior exposure to DevSecOps, automated compliance tools, or CI/CD pipelines for embedded systems.

Who You Are (Startup Mindset)

  • Security-minded, performance-aware: You understand the unique challenge of securing systems that must also react within milliseconds. You know when to lock down a surface and when to prioritize real-time behavior.
  • Autonomous and hands-on: You’re equally comfortable designing the system and writing the code to make it real. You don’t just identify risks—you fix them.
  • Adaptable: You thrive in a fast-paced environment with shifting constraints and ambiguous requirements. You can handle change and drive progress without waiting for perfect specs.
  • Mission-driven: You care deeply about the role of technology in protecting public safety and infrastructure. You take your responsibility seriously when building software that matters.
← Back to all jobs