Senior/Principal Software Engineer - Android 5 #0963

Brief Description
About ECI
ECI’s mission is to be the global leader of professional consulting services for the life sciences industry. Our clients lean on our diverse perspectives and decades of expertise to tackle their toughest challenges, and we take pride in providing them transformative solutions with distinctive, sustainable and long-term value. ECI boasts a proven track record of providing full product life cycle consulting on a variety of challenging and exciting projects. Our collaborative culture, welcoming team and flexible employment & benefit options allow us to maintain strong relationships with the most talented individuals in the life sciences industry.
About The Role
We are looking for a Senior or Principal Software Engineer with deep experience in Android OS and AOSP platform engineering. In this role, you will own and enhance a stand-alone, non-internet connected device which consists of a customized tablet device using an Android 5 operating system and Main Java application used within a Class III medical device system. You will make design change improvements, perform security hardening on both the Android OS platform and hosted Java app, build SELinux production releases using existing legacy development environments and tools, and ensure the integrated design changes meet strict medical device cybersecurity and regulatory requirements.
This role requires strong Android platform experience using and building production release images for Lollipop Version 5, Java app changes, adhering to Android security best practices for encryption key rotation using Android keystore for non-internet connected devices , Linux kernel configuration changes, access control improvements, u-boot/secure boot changes, native service (C/C++) changes, including and system level integration verification and validation.
What You'll Do

• Update and modify Android OS (Lollipop version 5) and Linux Kernel to address security issues, vulnerability patching and compliance needs
• Implement u-boot, main app, and data security improvements incorporating security key hierarchy, key management for cryptographic keys, signing keys, use of keystore, key rotation
• Customize and implement configuration management and source code control best practices for an AOSP fork, including frameworks, and system services
• Apply OS level and Kernel patches and security configuration settings aligned with FDA and EU cybersecurity guidance
• Implement SELinux production release configurations, custom build (makefile) configurations, removal/disabling of unused drivers/services
• Apply main Java application changes to enhance security and properly integrate with related OS patches, native services (C/C++) and security improvements,
• Implement design changes to support secure OS and Main app software updates through the android recovery process and u-boot
• Implement software updates process to include encryption and update package signing & authentication
• Implement anti-rollback process for software updates
• Knowledge and experience with HALs, vendor patches, and hardware drivers with the Android platform
• Perform board bring up (U Boot, device tree, kernel integration)
• Conduct low level debugging using UART, JTAG, and similar tools
• Modify Linux kernel components and device drivers when required
• Use system level profiling tools to identify and fix issues
• Fix OS and kernel level vulnerabilities and Reduce OS/kernel attack surfaces
• Implement update process for both OS OTA offline updates and also Main app updates
• Support cybersecurity risk analysis, threat modeling and vulnerability patching.
• Perform OS level verification and validation following IEC 62304
• Support risk management efforts aligned with ISO 14971
• Participate in audits and reviews to maintain regulatory compliance
• Work with app developers to ensure compatibility
• Partner with cybersecurity, system engineering, and quality teams
• Create and maintain architecture docs, test plans, and traceability matrices
• Ensure documentation is complete and audit ready

What You Will Bring

• Bachelor’s or master’s degree in computer engineering, Computer Science, Electrical Engineering, or related field
• 7+ years of software engineering experience
• 3+ years working with Android OS / AOSP, Java, C/C++
• Strong experience with AOSP builds, Android frameworks, and kernel modification
• Solid understanding of Linux internals and embedded systems
• Experience in regulated environments
• Knowledge of IEC 62304, ISO 14971, and related standards
• Familiarity with cybersecurity risk assessment and vulnerability remediation

Preferred Qualifications

• Experience with legacy Android (Android 5), Java, C/C++
• Strong debugging and reverse engineering skills
• Experience supporting regulatory submissions
• Excellent communication and documentation skills

ECI is an equal opportunity employer.
All qualified applicants will receive consideration for employment at ECI without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law.