Staff Software Engineer

Ripple Ripple · Fintech · Geneva, Switzerland · Engineering

Staff Software Engineer role focused on designing and developing secure enclave-based platforms for cryptographic operations within Ripple's Custody department. The role involves working with distributed systems, applied cryptography, cloud infrastructure, and security engineering to protect critical cryptographic operations in isolated environments.

What you'd actually do

  1. Design, build, and operate secure enclave infrastructure for cryptographic workloads, including signing, key handling, authorization, and policy enforcement.
  2. Develop platform abstractions that make enclave-based deployment reliable, observable, and usable by internal engineering teams.
  3. Evaluate and integrate trusted execution technologies across cloud providers, including AWS Nitro Enclaves, GCP confidential computing offerings, and IBM HPVS.
  4. Build secure communication patterns between enclaves and external services, including attestation, encrypted channels, service identity, and request validation.
  5. Partner with cryptography, security, infrastructure, and product engineering teams to define secure architectures for custody-critical systems.

Skills

Required

  • Rust
  • Go
  • C
  • C++
  • Java
  • Linux
  • operating system fundamentals
  • networking
  • process isolation
  • cloud-native infrastructure
  • deployment automation
  • observability
  • service identity
  • access control
  • production incident response
  • applied cryptography
  • encryption
  • digital signatures
  • key management
  • secure channels
  • attestation
  • threat modeling
  • design reviews
  • implementation reviews

Nice to have

  • AWS Nitro Enclaves
  • GCP confidential computing
  • IBM HPVS
  • Linux kernel customization
  • minimal operating environments
  • OS image hardening
  • hardware interaction
  • virtualization
  • hypervisor boundaries
  • HSMs
  • MPC
  • threshold signing
  • secure key ceremonies
  • custody infrastructure
  • wallet systems
  • payment systems
  • blockchain infrastructure
  • high-assurance cryptographic platforms

What the JD emphasized

  • 10+ years of experience building production software, infrastructure, or distributed systems, with significant experience in security-sensitive and high-reliability environments.
  • Strong hands-on programming experience in systems or backend languages such as Rust, Go, C, C++, or Java, with the ability to build reliable, maintainable services and platform components.
  • Practical experience designing and operating systems that protect highly sensitive data, including secrets, cryptographic keys, signing material, or privileged workloads.
  • Strong understanding of applied cryptography concepts, including encryption, digital signatures, key management, secure channels, attestation, and protection of data at rest, in transit, and in use.
  • Deep knowledge of Linux, operating system fundamentals, networking, process isolation, and hardened runtime environments.
  • Experience building or operating cloud-native infrastructure, including deployment automation, observability, service identity, access control, and production incident response.
  • Ability to reason clearly about trust boundaries, threat models, failure modes, and defense-in-depth controls.
  • Experience leading complex technical projects across teams, including architecture definition, technical design, implementation guidance, and mentoring senior engineers.