Aurora delivers the benefits of self-driving technology safely, quickly, and broadly.
At Aurora, we’re on a mission to deliver the benefits of self-driving technology safely, quickly, and broadly. It all starts with the Aurora Driver, a platform created from industry-leading hardware and software and designed to adapt across a variety of vehicle types and industries.
We’re led by a team of self-driving luminaries, and we’ve forged strategic partnerships with leading transportation companies—including ride-hailing network Uber, truck-manufacturers PACCAR and Volvo Trucks, and the world’s largest automaker Toyota—setting us up to deliver the Aurora Driver in both trucks and passenger vehicles. We are funded by Amazon, Uber, T Rowe Price, and some of Silicon Valley’s best venture capital firms, including Sequoia, Greylock, and Index Ventures.
Aurora is in the best position to lead the self-driving space with a team of unparalleled depth and expertise, the technology to deliver, and the partnerships to build a transformative business for the long-term.
Aurora’s Product Security team’s mission is to discover, mitigate, and prevent security risks in the software, hardware, and services developed by Aurora.
Our team is responsible for ensuring the secure design and implementation of the technology built for the Aurora Driver as well as continually improving the assurance levels of security across all of Aurora’s Products. This team is also responsible for performing technical security assessments, threat modeling, security code reviews and vulnerability testing to highlight risk and help various engineering teams and partners to improve security. We work closely with engineers across Aurora as well as 3rd party partners to design and proactively integrate initiatives to enhance security across a wide variety of software or hardware domains and technology stacks.
We are searching for an experienced Security Engineer who is excited to ensure the highest level of security standards for Aurora’s products and focus on uncovering security vulnerabilities to reduce risk for the autonomous vehicle platform to join us on this mission.
Job level is negotiable based on experience. Remote work is approved for US-based employees, including for post-pandemic.
In this role you will
- Perform technical security assessments and reviews, research, uncover, and reproduce vulnerabilities, design secure protocols and systems, and write tests and fuzzers to drive architecture changes
- Assess the risks across the Aurora Driver Platform and prioritize high value components (software and/or hardware) for critical and high security vulnerabilities
- Comfort employing techniques including reverse engineering, fuzzing, and static and/or dynamic analysis
- Conduct research to identify new and novel attack vectors against Aurora’s products and services
- Review, develop and document secure operational best practices, and provide security guidance for engineers and various internal and external partners
- Foundational knowledge of operating system security for Linux
- Foundational knowledge of the CWE Top 25
- Ability to assess software and/or hardware components with and without full knowledge
- Ability to work well with other assessment members and engineering partners
- Ability to communicate effectively with technical and non-technical audiences
- Experience in one or more of the following: risk assessment, threat modeling, incident and emergency response, OS hardening, vulnerability management, pentesting, offensive security or cryptographic protocols and concepts
- Experience in vulnerability discovery and analysis, design review, and code-level security reviews
- Experience in, and technical knowledge of security engineering, computer and network security, authentication and security protocols, and applied cryptography.
- Experience with assessment, development, implementation, and documentation of a comprehensive and broad set of security technologies and processes
- Familiarity in Security Assurance / Secure-SDLC processes in an agile / waterfall environment
- Experience building and evaluating threat models / risk assessments
- Minimum 6 years of experience in a security-specific or security-adjacent industry
- Relevant work experience in offensive security, penetration testing or red teaming
- Experience implementing various Defence in Depth Strategies to address dynamic threats across various software and hardware stacks.
- Ability and desire to write production-quality code in C++, Golang, or Python
- Experience evaluating the security of software, hardware and services
- Foundational knowledge of embedded firmware security and hardware security, preferably in the robotics or automotive space
- Familiarity with cloud security (AWS) and infrastructure-as-code
- Familiarity with Trusted Platform Modules, HSMs, and trusted boot
- A history of giving back to the security industry via open source contributions, published papers, or conference presentations
Working at Aurora
At Aurora, we bring together people with extraordinary talent and experience united by the strength of our values. We operate with integrity, set outrageous goals, and continue to build a culture where we win together—all without any jerks.
We have offices in Pittsburgh, Mountain View, San Francisco, Bozeman, Dallas and Seattle. We also offer a competitive benefits package that supports the whole you, including:
- Competitive salary, bonus and RSU package
- Premium choices for Medical, vision, and dental
- 401k benefits
- Life and disability benefits
- 18 weeks paid leave for new parents and caregivers
- Flexible vacation and company paid holidays
- Fertility benefits through Carrot
- Working from home support
- Professional growth and mentorship opportunities through the Aurora Academy
- Wellness Platforms (Spring Health, Headspace, Aaptiv, Quit Genius)
We believe that self-driving technology has broad benefits – including an increase in safety and access to transportation – and to achieve those benefits, we want and need a workforce with diverse experiences, insights, and perspectives; said another way, a workforce that reflects the communities and people our technology will benefit.
Individuals seeking employment at Aurora are considered without regard to race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, pregnancy status, parent or caregiver status, ancestry, political affiliation, veteran and/or military status, physical or mental disability, or any other status protected by federal or state law.
Founded in 2017, Aurora was started by industry luminaries, and now we’re a team with a multitude of perspectives and experiences. Chris Urmson helped lead Carnegie Mellon’s efforts in Darpa’s Grand Challenges, then was a founding member of Google’s self-driving team. Sterling Anderson worked on the tech at MIT before leading Tesla’s Model X and Autopilot programs. Drew Bagnell, also a Carnegie Mellon alum, is a machine learning expert who helped build Uber’s autonomy effort. Regarded as the most experienced leadership team in the industry, these three bring decades of expertise, passion and focus to realizing our mission.