CAREERS · DIGITAL NORTH

We hire engineers who would rather ship than slide.

Digital North is a small specialist firm building the cryptographic and operational backbone of the next two decades of automotive cybersecurity. The work is real, the stakes are high, the team is small on purpose. If you've spent the last several years getting deep on PKI, V2X, vehicle SOC operations, automotive cloud platforms, or post-quantum cryptography, this page is for you.

THE WORK

Three programmes. One discipline.

We don't have product lines. We have programmes. Each one runs for years, with the same engineers from kickoff to handover. The work is specific, the depth is real, and the customer is usually an OEM or Tier 1 supplier with regulatory exposure and a real platform to defend.

VEHICLE SOC ENGINEERING

Building detection pipelines that sit between thousands of ECUs and the OEM's incident response process. CAN-bus telemetry, OTA campaign monitoring, PSIRT timeline orchestration, fleet-wide anomaly correlation. The work is closer to control systems than to enterprise SIEM.

V2X PKI MIGRATION

Moving the cryptographic foundation of vehicle-to-everything communication from ECDSA to NIST-standardised post-quantum schemes without breaking the IEEE 1609.2 frame budget or stranding fifteen-year fleets. This is some of the hardest applied cryptography deployment work in the industry right now.

AUTOMOTIVE CLOUD PLATFORMS

Designing the edge, regional, and global cloud planes that vehicles actually depend on. OTA at scale, V2X PKI hosting, MEC inference, federated ML. The cloud is part of the car, and we engineer it that way.

REGULATORY TECHNICAL WORK

R155, R156, ISO/SAE 21434, FIPS 203/204/205 readiness. Not slide decks. Real evidence packs, real CSMS documentation, real audits with type-approval authorities.

THE SHAPE OF THE JOB

Distributed by default. Deep by design.

WHERE YOU WORK

Globally remote. We have engineers across multiple time zones. The team is built around asynchronous depth, not synchronous noise. There is no head office expectation, no city you have to move to.

HOW WE WORK

Programmes, not sprints. The cadence is set by the work and the client, not by a Jira board. We do not run two-week ceremonies. We run multi-quarter engagements where the same engineer owns the same surface for the duration.

WHAT YOU'LL TOUCH

Real production systems for real OEMs. We do not run lab demos. If you build it, fleets depend on it. If you write it, regulators read it.

WHO YOU'LL WORK WITH

A small group of senior engineers who have spent their careers in this space. No layers between you and the work.

WHAT WE LOOK FOR

Walk the talk. The rest is noise.

We don't care about your degree. PhD, undergraduate, self-taught, never went to a formal programme: it is the same to us. We are looking for people who can do what they say they can do. If that is you, we should talk.

Money will not be the constraint. Senior automotive cybersecurity work is paid like the senior automotive cybersecurity work it is. We make offers that work for the right person rather than for a spreadsheet.

What we ask in return is depth. We don't run a sprint factory. The work we do for clients is the work we did to get good at the work, and the work we will be doing for years. If you want to drift between domains every eighteen months, this won't suit you. If you want to spend the next decade understanding automotive cryptography better than anyone else and being paid well to do it, get in touch.

HOW TO SHOW YOUR WORK

Bring what you've built.

There's no single right way to show us you can do the work. Bring whichever of these makes the strongest case for you. We don't expect all of them, and we don't expect any of them to be polished.

  • ->

    Code you've shipped. GitHub, GitLab, a public commit history, or a private repo we can sign an NDA over. We read code carefully.

  • ->

    Vulnerabilities you've found. CVEs you've authored or co-authored. Disclosure write-ups. Bug bounty programme reports you can share.

  • ->

    Published work. Papers, technical blog posts, conference talks, standards-body contributions, RFCs. Anything that shows you can write down what you know.

  • ->

    Systems you've built. Architecture diagrams you can talk through. Production systems you can describe in detail. Engagements you ran end-to-end.

  • ->

    An interesting conversation. If none of the above apply, the first call is technical depth. Bring something specific you've worked on and we will go deep on it.

HOW WE INTERVIEW

Three conversations. No theatre.

FIRST CALL

A real conversation, usually an hour, with a working engineer. Not behavioural screening, not a recruiter call. We will ask about something specific from your work and we will go deep. You should ask us the same.

TECHNICAL DEPTH

Either a paid take-home if the role suits one, or a system design discussion. Pick whichever fits the work better. We do not run LeetCode.

REFERENCE AND OFFER

If both sides want to continue, we talk to people you've worked with and we make an offer that reflects the seniority of the work.

We do not interview for culture fit. We interview for depth and integrity.

Internships

We also run two, three, and six-month internships for students and recent graduates working in automotive cybersecurity, V2X PKI, and post-quantum migration.

See internship details

GET IN TOUCH

Write to us.

The address is [email protected]. Tell us what work you've done, what you're looking to do next, and whichever of the things above makes the strongest case for you. There's no template, no portal, no application form. A clear email is fine.