Primary Skills:
- Targeted pen testing/security analysis of ECU features at all levels e.g., secure boot, secure OS/TEE, secure protocol implementation, key management systems, debug access activation methods, paid feature activation, system architecture, etc.
- Good Knowledge of modern automotive embedded systems, secure boot in all facets, baseband (LTE/GSM), Android/Linux/Autosar, CAN/Ethernet.
- Liaising with ECU SW developers to explain security issues and provide feedback on proposed solutions.
- Supporting the security test developers by providing input to new features and regression test development.
- Good Knowledge of Reverse engineering, fuzzing (custom fuzzer development), PoC exploit development, source code review, hardware tampering, design reviews.
Must have:
- Very good knowledge of cyber security, embedded systems and cryptography, which you are passionate about developing on a daily basis.
- Relevant professional experience with pen testing and/or offensive security and reverse engineering.
- Very strong (embedded) Linux knowledge.
- Fluency in written and spoken English.
Nice to have:
- A relevant tertiary qualification with a security component.
- Knowledge of common automotive protocols.
- Experience with automotive bus and protocol analysis tools.
- Any relevant technical certifications - e.g., OSCP