Software Engineer - Linux Kernel & Virtualization (Remote in EMEA)

About CENSUS 

CENSUS LABS is a cybersecurity engineering powerhouse specializing in securing products and organizations. Our identity is rooted in professionalism, engineering excellence, a scientific mindset, and hacking demeanor. We are research-driven, enabling us to deliver a diverse range of professional services.  

CENSUS is trusted to conduct high-impact product security engagements, helping our clients secure their solutions from design to deployment, using realistic and risk-informed approaches. Our expertise spans end-to-end systems, including Secure Communications, IoT, Medical Devices, Mobile, and Vehicle Computing platforms.  

Learn more about CENSUS at census-labs.com. 

About the Job 

CENSUS’ bespoke cybersecurity services are powered by a multidisciplinary team of Security Engineers, Consultants, and Researchers who go far beyond traditional security assessments. Guided by our Engineering Managers, our teams deliver deep technical evaluations of complex systems and drive measurable, engineering-grade improvements for clients. 

We are seeking a Systems Software Engineer with strong expertise in Linux kernel development, secure virtualization, trusted execution, and hardware bring-up across ARM and x86_64 platforms. 

In this role, you will architect and implement the secure virtualization layer of a custom Linux-based platform, working at the intersection of kernel internals, hypervisor technologies, and hardware-backed security. You will design features, optimize performance, enforce isolation guarantees, and harden the virtualization stack for mission-critical applications. 

Key Responsibilities 

Architecture & Design 

• Design virtualization, partitioning, and isolation mechanisms tailored to underlying CPU and SoC capabilities (e.g., ARM Virtualization Extensions, Intel VT-x, IOMMU/SMMU, hardware security modules). 

• Define robust security policies for inter-VM communication, device passthrough, and memory isolation to maintain strong trust boundaries. 
  

Kernel, Hypervisor & VMM Development 

• Implement kernel-level, KVM-level, and VMM-level components supporting secure inter-VM messaging, memory partitioning, vCPU isolation, I/O protection, and device reassignment. 

• Develop security-centric features that deliver low-latency performance in resource-constrained or embedded contexts. 
  

Integration & Ecosystem Alignment 

• Integrate virtualization features into build and CI pipelines, bootloaders (U-Boot, GRUB), and platform initialization sequences. 

• Implement secure VM bootstrapping and maintain alignment with upstream kernel developments for long-term maintainability. 
  

Hardening, Stabilization & Threat Mitigation 

• Harden kernel configurations and hypervisor boundaries against cross-VM exploits, side-channel attacks, and isolation failures. 

• Perform regression testing, vulnerability assessments, and issue triage across multi-architecture builds. 
  

Porting, Prototyping & Evaluation 

• Adapt virtualization stacks across ARM and x86_64 architectures and prototype new microvisor/KVM hybrids for specialized use cases. 

• Evaluate alternative virtualization technologies (e.g., AMD SEV-SNP/VMPL, Intel TDX, TrustZone-based microvisors) and provide data-driven recommendations. 
  

Kernel Maintenance & Optimization 

• Diagnose and debug core Linux subsystems, improve boot performance, reinforce real-time capabilities, and optimize memory usage for embedded platforms. 

• Mentor junior engineers and collaborate with globally distributed teams on kernel and hypervisor development best practices. 
  

Minimum Qualifications 

• MSc or BSc in Computer Science, Electrical/Computer Engineering, Electronics Engineering, or equivalent practical experience. 

• 8+ years of embedded Linux or systems-level development, with significant hands-on experience in Linux kernel programming. 

• Demonstrated experience building or securing virtualization systems using KVM or similar hypervisors in production. 

• Excellent spoken/written English and strong communication skills. 

Required Skills 

Kernel Internals 

• Strong understanding of device trees, platform initialization, power management frameworks, netfilter/virtio networking, and real-time patches (PREEMPT_RT). 

• Experience tuning filesystems and storage for embedded environments (ext4, F2FS, etc.). 
  

Core Technical Expertise 

• Deep understanding of Linux kernel architecture, including virtual machine management (CROSVM/QEMU), hypervisor extensions, trusted execution extensions (ARM TZ, Intel SGX/TDX), memory management (SLAB/SLUB, OOM), scheduling (CFS), and interrupt handling (IRQs/softirqs). 
  

Tools & Languages 

• Advanced proficiency in C for kernel development; familiarity with Rust for safe systems code is a plus. 

• Experience with debugging and tracing tools (KGDB, ftrace, perf) and build ecosystems (Nix, Yocto, or equivalent). 
  

Architecture & Porting 

• Skilled in cross-compilation for AArch64 and x86_64, driver development/porting, CROSVM or QEMU-based prototyping, and performance profiling. 
  

Memory Translation Expertise 

• Strong knowledge of ARM stage-1 and stage-2 translations, page table formats, and fault handling. 

• Equivalent expertise on x86 (EPT/NPT, shadow paging, INVPCID, TLB management). 

• Ability to work with hierarchical page tables, superpages, dynamic stage-2 allocations, and hypervisor-guest mapping coherence. 
  

Performance & Security Optimization 

• Experience reducing translation overhead, mitigating TLB thrashing, and implementing efficient paging strategies in multi-VM setups. 

• Understanding of modern security features like encrypted memory (e.g., SEV-SNP), MTE, and attestation mechanisms tied to memory integrity. 
  

Nice-to-Have Skills 

• Exposure to alternative VMMs/hypervisors (Firecracker, crosvm, microvisors). 

• Knowledge of secure boot chains (UEFI, TPM), firmware attestation, and embedded latency benchmarking. 

• Strong analytical skills, excellent documentation habits, and comfort working in distributed multi-vendor environments 

• Experience collaborating with geographically distributed, cross-functional engineering teams. 

• Contributions to open-source kernel, hypervisor, or virtualization projects. 
  

OUR Values & Core Competencies

Act with Integrity

We uphold the highest ethical standards and take full responsibility in every action — whether securing systems, researching vulnerabilities, or collaborating with clients. Trust is the foundation of our impact.

Collaborate with Trust

We bring together diverse perspectives across disciplines and borders, knowing that collective intelligence leads to stronger, more resilient outcomes.

Challenge with Curiosity

We question deeply, explore fearlessly, and pursue knowledge relentlessly to uncover threats, solve root problems, and drive smarter security decisions.

Innovate to Protect

We create with purpose — building secure, scalable, and forward-looking solutions that safeguard people, organizations, and the digital future.

Adapt with Precision

We move with speed and discipline — learning from failure, refining our approach, and staying focused amid complexity and constant change.

Ready to Make an Impact?

📩 Apply today!