Back to Job Search

Embedded Security Testing Engineer

  • Location: Plano, 75024
  • Job Type:Contract

Posted about 1 month ago

Long term contract in Plano, TX for an Embedded Security Testing Engineer. Will be responsible for leading and performing advanced security testing engagements for current and forward-model systems.Will be focused on vehicle’s Embedded Security Testing. Will be testing the activities of vehicle issues, components as well as web, mobile and vehicle applications.
 
Responsibilities:
  • Perform analysis of security requirements specifications and generate corresponding test specifications for a variety of products during design phase.
  • Lead and perform execution of security test specifications during verification phase ensuring that the specified security requirements have been implemented sufficiently.
  • Perform other testing activities including pen testing and reverse engineering against embedded hardware and firmware with goals of identifying implementation flaws.
  • Communicate complex technical findings, remediation guidance and recommendations effectively both verbally and written to technical and non-technical staff.
  • Research and stay up to date on new attack vectors, vulnerabilities, and exploitation techniques.
  • Lead and participate in small to large-scale individual and matrix-based groups, initiatives, or mentoring others in technical/functional security areas.
  • Lead and participate in technology security design reviews with the ability to efficiently communicate potential issues and risks.
 
Qualifications:
  • Bachelor’s degree (or higher) in Electrical Engineering, Computer Science, Cybersecurity or related is strongly desired.
  • Hands-on experience of Embedded Security and its testing.
  • Demonstrate a good working knowledge of core security concepts, embedded security best practices (e.g., secure boot, secure debug, secure storage, secure communications) and the secure development lifecycle activities.
  • Hands-on experience with designing and testing of the core embedded security concepts above.
  • Experience with reverse engineering and binary analysis methods and tools (e.g. IDA Pro, Ghidra).
  • Experience with vulnerability analysis using CVSS scoring and CWE types.
  • Experience with Linux operating system.
  • Proficient in C, C++, Python (specifically for writing tools to help tasks).
  • Hands-on experience securing Linux, MacOS, Windows and Android operating systems.
  • Experience with on-board communication interfaces such JTAG, SPI, UART, and SWD.
  • Experience with Reverse Engineering.
  • Experience with Binary Analysis methods and tools (e.g., IDA Pro, Ghidra).
  • Experience working with various operating systems such as MacOS, Windows and Android operating systems.
  • Experience in designing, developing and debugging embedded security applications is a plus.
  • Familiarity with Automotive and Industry standards and best practices such at ISO-SAE 21434, SAE J3101.
  • Knowledge of common communication protocols found in the automotive ecosystem such as TCP/IP, Automotive Ethernet, CAN, LIN, MOST, 3G/4G/LTE, Bluetooth, BLE, Wi-Fi.
  • Knowledge of cryptography and applied cryptography for provisioning secure hardware is desirable.
  • Knowledge of ARM (including Trust Zone architecture) and other embedded microprocessors.
  • Practical experience with security controls for POSIX type operating systems.
  • Understanding of SoC security technologies (e.g., eFuses, HAB).
  • Experience designing small PCBs for testing purposes.
  • Hands-on experience with soldering and “chip-off” equipment.
  • Familiarity with reading wiring schematics and component datasheets.
  • Experience with vulnerability management process (from proof-of-concept to remediation).