Hardware/Network Engineer

We are hiring an on-site Hardware / Network Engineer to own the full lifecycle of our kiosk hardware platform: design, build, configure, deploy, and sustain. This role is hands-on and cross-functional - you will work directly with software engineering, operations, field service, and client solutions to ensure every kiosk ships reliably, connected, and secure. Our kiosks process identity-verification transactions in government and enterprise environments, so uptime, security, and network resilience are non-negotiable.

Role Fit & Non-Negotiables

• Onsite in Fairfax, VA - remote is not available.
• U.S. citizen required due to ITAR and government customer obligations.
• Comfortable working with physical hardware (assembly, cabling, bench testing) as well as network configuration and troubleshooting.
• Hands-on ownership of kiosk hardware and network infrastructure - this is not a design-only or advisory role.

What You'll Own (90-180 Day Outcomes)

• Document and standardize the current kiosk hardware BOM, assembly process, and QA acceptance criteria for consistent build quality.
• Establish a repeatable hardware provisioning pipeline: image, configure, test, and ship kiosks with minimal manual intervention.
• Audit and harden kiosk network architecture: VPN tunnels, firewall rules, cellular/LTE failover, and remote management access across hundreds of locations in the US and internationally.
• Implement hardware lifecycle management: inventory tracking, warranty/RMA processes, component obsolescence planning, and spare parts strategy.
• Define monitoring and alerting for hardware health: temperature, connectivity, peripheral status (camera, scanner, printer), and power/UPS telemetry.
• Collaborate with DevSecOps and software engineering to ensure secure boot, firmware integrity, and patch delivery pipelines for deployed kiosks., Kiosk Hardware Engineering (Hands-On)
• Own the kiosk hardware platform: component selection, integration, assembly documentation, and build-to-order manufacturing coordination.
• Design and maintain hardware test fixtures and acceptance procedures to validate each unit before deployment.
• Evaluate and qualify new components (cameras, biometric sensors, NFC readers, printers, touchscreens) for reliability, security, and cost optimization.
• Manage hardware BOM, vendor relationships, and procurement lead times in coordination with Operations and Supply Chain.
• Support field service engineers with remote hardware diagnostics and escalation procedures.

Network Engineering (Hands-On)

• Design, deploy, and maintain the network infrastructure connecting kiosks to cloud services (AWS, Azure, GCP).
• Configure and manage site-to-site VPN, SD-WAN, or zero-trust network access for kiosk fleet connectivity.
• Implement network security controls: segmentation, firewall policies, intrusion detection, and encrypted transport.
• Own cellular/LTE connectivity strategy for kiosks without dedicated wired connections; manage carrier relationships and SIM provisioning.
• Monitor network performance, latency, and availability across the fleet using centralized dashboards and alerting.

Infrastructure & Reliability

• Define and enforce hardware configuration baselines to ensure consistency across US and international kiosk deployments.
• Implement remote management capabilities: BIOS/firmware updates, OS reimaging, peripheral diagnostics, and remote reboot/recovery.
• Partner with the DevSecOps team on hardening Windows endpoints: secure boot, BitLocker, application whitelisting, and telemetry collection.
• Support SOC 2 and FedRAMP compliance requirements related to physical security, hardware integrity, and network controls.

Cross-Functional Collaboration

• Work with Software Engineering on hardware-software integration: driver compatibility, peripheral APIs, and firmware update mechanisms.
• Coordinate with Client Solutions and Field Service on deployment logistics, site surveys, and installation requirements.
• Provide technical input on international deployments (power, connectivity, compliance differences for global kiosk fleet).
• Contribute to capacity planning as NextgenID scales over the next 12-24 months.

Do you have experience in Zero Trust security?, * 5+ years in hardware engineering, network engineering, or a combined hardware/infrastructure role with hands-on production responsibility.

• Strong networking fundamentals: TCP/IP, DNS, DHCP, VPN (IPSec/WireGuard), VLAN, firewall configuration, and cellular/LTE connectivity.
• Hands-on experience building, integrating, or maintaining hardware systems (kiosks, POS, IoT devices, edge computing, or industrial/embedded systems).
• Working knowledge of Windows 10/11 deployment and hardening in a fleet/device management context.
• Experience with hardware BOM management, vendor evaluation, and component lifecycle planning.
• Familiarity with at least one cloud platform (AWS, Azure, or GCP) for network connectivity and remote device management.
• Ability to read and create hardware schematics, wiring diagrams, and assembly documentation.
• Must be able to work onsite in Fairfax, VA; U.S. citizen.

Pulled from the full job description

• Health insurance
• Paid time off