Senior Embedded Penetration tester

Tech stack:

• Secure boot, firmware security, OTA updates

• Cryptography (AES, RSA, ECC) & hardware security (TPM, HSM, TrustZone)

• Embedded interfaces & protocols: CAN, LIN, Modbus, BLE, Wi-Fi, TCP/IP

• Penetration testing on embedded targets: JTAG, UART, SPI, I²C

• Cloud IoT platforms & secure communication: AWS/Azure/GCP IoT, TLS/DTLS, MQTT(S)

• Secure code review (C/C++, Rust, Python) & DevSecOps / CI/CD security

Requirements:

• Proven experience performing advanced penetration testing on embedded systems, IoT devices, and cloud-connected architectures

• Strong background in identifying, exploiting, and documenting security weaknesses across a broad range of environments

• Deep understanding of embedded security attack vectors: side-channel attacks, fault injection, firmware tampering, replay attacks, MITM

• Experience with vulnerability scanning, fuzzing, exploit development, and hardware-level security assessment

• Solid knowledge of secure communication protocols, cryptography, secure boot mechanisms, and secure firmware design

• Ability to translate complex technical findings into clear, actionable recommendations for both technical and non-technical stakeholders

• Familiarity with risk assessment frameworks such as ISO 21434, IEC 62443, ISO 27005

• Understanding of data protection requirements (GDPR / HIPAA) in cloud-integrated IoT ecosystems

• Experience with secure SDLC, DevSecOps, and CI/CD security practices

• Strong analytical, problem-solving, and communication skills

• Relevant certifications such as OSCP, GPEN, CompTIA PenTest+ (highly valued)

Main responsibilities:

Senior Penetration Tester with a proven track record of successfully identifying and exploiting security weaknesses across a wide range of systems and environments. The ideal candidate will have deep expertise in advanced penetration testing methodologies, tools, and reporting, with strong analytical and problem-solving skills. Experience in embedded systems security is highly desirable and will be considered a significant advantage. This role requires excellent communication skills to translate technical findings into clear, actionable recommendations for stakeholders.