Embedded Security Testing Engineero Perform analysis of security requirements specifications and generate corresponding test specifications for a variety of products during design phaseo Lead and perform execution of security test specifications during verification phase ensuring that the specified security requirements have been implemented sufficientlyo Perform other testing activities including pen testing and reverse engineering against embedded hardware and firmware with goals of identifying implementation flawso Communicate complex technical findings, remediation guidance and recommendations effectively both verbally and written to technical and non-technical staffo Research and stay up to date on new attack vectors, vulnerabilities, and exploitation techniqueso Lead and participate in small to large-scale individual and matrix-based groups, initiatives, or mentoring others in technical/functional security areaso Lead and participate in technology security design reviews with the ability to efficiently communicate potential issues and risksQualifications:o Bachelor’s degree (or higher) in Electrical Engineering, Computer Science, Cybersecurity or related is strongly desiredo Demonstrate a good working knowledge of core security concepts, embedded security best practices (e.g. secure boot, secure debug, secure storage, secure communications) and the secure development lifecycle activitieso Hands-on experience with designing and testing of the core embedded security concepts aboveo Experience with reverse engineering and binary analysis methods and tools (e.g. IDA Pro, Ghidra)o Experience with vulnerability analysis using CVSS scoring and CWE typeso Knowledge of Linux and other embedded operating systems is preferredo Proficient in C, C, Python (specifically for writing tools to help tasks)o Hands-on experience securing Linux, MacOS, Windows and Android operating systemso Ability to handle tasks with significant complexity under minimal supervision requiring a high degree of technical competenceo Experience with on-board communication interfaces such JTAG, SPI, UART, and SWDo Experience in designing, developing and debugging embedded security applications is a pluso Familiarity with Automotive and Industry standards and best practices such at ISO-SAE 21434, SAE J3101o Knowledge of common communication protocols found in the automotive ecosystem such as TCP/IP, Automotive Ethernet, CAN, LIN, MOST, 3G/4G/LTE, Bluetooth, BLE, Wi-Fio Knowledge of cryptography and applied cryptography for provisioning secure hardware is desirableo Knowledge of ARM (including Trust Zone architecture) and other embedded microprocessorso Practical experience with security controls for POSIX type operating systemso Understanding of SoC security technologies (e.g. eFuses, HAB)o Experience designing small PCBs for testing purposeso Hands-on experience with soldering and “chip-off” equipmento Familiarity with reading wiring schematics and component datasheetso Experience with vulnerability management process (from proof-of-concept to remediation)