Job Information
MathWorks Code Signing & Secure Software Infrastructure Engineer in Natick, Massachusetts
Code Signing & Secure Software Infrastructure Engineer
JavaScript Not Enabled Your browser settings are preventing you from taking full advantage of the MathWorks Careers application. You can enable JavaScript within the Options or Preferences menu of most browsers. For explicit instructions for your particular browser, visit www.enable-javascript.com.
Apply Now
Job: 36672-GMAR
Team:Infrastructure and Architecture
Location:US-MA-Natick
Salary Range: $133,300 - $206,600
Job Summary
MathWorks is seeking a Code Signing and Secure Software Infrastructure Engineer to help protect the integrity and authenticity of our software products. In this role, you’ll design and build the systems that securely sign, validate, and release software used by engineers around the world.
This position is ideal for an engineer who enjoys working at the intersection of secure software development, automation, and infrastructure, and who is passionate about strengthening the software supply chain. You’ll play a critical role in embedding security into our CI/CD pipelines and ensuring our release artifacts meet modern platform trust and security standards.
Responsibilities
Design, develop, and operate secure code‑signing systems integrated into highly automated CI/CD pipelines.
Build and maintain software-driven infrastructure that signs and verifies release artifacts across Windows, Linux, and macOS.
Perform threat modeling and security reviews of build, integration, and release systems, and implement engineering‑focused mitigations.
Manage the full lifecycle of production code‑signing certificates, including secure storage, rotation, and auditing.
Implement mechanisms that ensure software is authentic, trusted, and tamper‑resistant from build through customer delivery.
Develop monitoring, logging, and alerting to proactively detect failures, misuse, or attacks.
Stay current with OS‑level trust models, code‑signing requirements, and platform security standards.
Partner with software developers and security teams to integrate secure signing into the software development lifecycle.
Help diagnose and resolve customer‑reported code‑signing and trust issues.
Minimum Qualifications
- A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.
Additional Qualifications
Strong software development and debugging experience in C/C++ and scripting languages such as Python.
Experience working with source control systems like Git or Perforce.
Hands‑on experience with automation and configuration management tools (e.g., Ansible, Chef, Puppet).
Proven ability to debug systems using tools such as strace, dtrace, or bpftrace.
Experience designing and operating secure build or release infrastructure.
Solid understanding of code signing, certificates, cryptographic trust chains, and digital signatures.
Familiarity with secure software supply chain practices or zero‑trust architectures.
Experience supporting Linux, Windows, and macOS environments and network file systems (SMB, NFS).
Experience with software‑defined networking (SDN) or infrastructure‑as‑code is a plus.