Embedded/Firmware Security Engineer

About the Role:

We are looking for a highly skilled and motivated Embedded/Firmware Security Engineer to join our core product security team. You will be responsible for analyzing securing and improving the security posture of embedded systems across a wide range of products from low-level microcontrollers to sophisticated SoCs running RTOS or embedded Linux.

Your mission will be to ensure that security is designed into every layer of the system from hardware interfaces to firmware implementations and communication protocols. You will work cross-functionally with development hardware and IT security teams to identify risks and implement robust security features and practices throughout the embedded product lifecycle.

Key Responsibilities:

Analyse embedded systems for potential security vulnerabilities including bootloaders RTOS and bare-metal firmware.

Develop and implement secure coding standards and security mechanisms in firmware (e.g. secure boot encryption authentication).

Conduct threat modelling penetration testing and static/dynamic code analysis on firmware.

Collaborate with hardware teams to define trusted hardware boundaries and integrate secure elements (e.g. TPM HSM).

Perform firmware reverse engineering and vulnerability assessments of third-party or legacy code.

Research emerging threats and security best practices in IoT and embedded domains.

Develop tools or scripts to automate security testing and validation.

Contribute to incident response by analysing firmware-level vulnerabilities and supporting mitigation plans.

Support compliance efforts for standards such as ISO 21434 IEC 62443 and NIST.

Requirements:

Bachelor s or Master s degree in Computer Engineering Electrical Engineering Cybersecurity or related field.

3 years of experience in embedded systems or firmware development with a security focus.

Strong knowledge of C/C and familiarity with assembly language (ARM MIPS or x86).

Hands-on experience with secure boot firmware signing and encryption techniques.

Proficient in tools like IDA Pro Ghidra JTAG/UART debuggers and Wireshark.

Understanding of hardware interfaces (I2C SPI UART etc.) and embedded communication protocols.

Familiarity with firmware analysis fuzzing and binary exploitation techniques.

The candidate should also have strong proficiency in C.)

Security Architecture & Design

• Define and implement secure firmware architectures including trusted boot chains hardware root-of-trust and secure update mechanisms.
• Collaborate with hardware engineers to define secure boundaries ensure proper integration of secure elements (TPMs HSMs TrustZone) and validate secure SoC designs.
• Perform security reviews of schematics board layouts and SoC datasheets to identify possible security threats and recommend mitigations.

Threat Modeling & Risk Assessment

• Conduct detailed threat modeling (STRIDE DREAD PASTA) of embedded products to identify vulnerabilities and attack vectors.
• Participate in security design reviews of firmware bootloaders and system initialization processes.
• Provide risk ratings and prioritization of findings along with remediation guidance.

Vulnerability Analysis & Penetration Testing

• Perform penetration testing of embedded firmware using fuzzing fault injection memory corruption techniques and side-channel analysis.
• Conduct reverse engineering of compiled binaries to discover vulnerabilities (e.g. buffer overflows command injections insecure protocols).
• Analyze third-party code SDKs or open-source dependencies included in firmware for known CVEs or unsafe coding practices.

Secure Development Practices

• Guide engineering teams in adopting secure development lifecycles (SDL/SDLC).
• Define and enforce secure coding standards for embedded C/C.
• Assist in integrating security static and dynamic analysis tools (e.g. Coverity Fortify Valgrind) into the CI/CD pipeline.

Security Automation & Tooling

• Develop custom tools and scripts (in Python/C) for testing analyzing and validating security functions and firmware binaries.
• Automate test harnesses to validate the integrity of secure boot encrypted storage and firmware authenticity.

Nice to Have:

• Experience with automotive industrial or medical embedded systems.
• Familiarity with hardware security modules (HSMs) secure elements or TPM.
• Certifications such as OSCP GREM CEH or Certified IoT Professional.
• Knowledge of cryptographic algorithms and PKI infrastructure.

Embedded / Firmware Security Engineer with 3 Years of experience for Hyderabad location

Expertise in Bootloader Boot ROM Embedded Security and Low-Level Firmware Development working closely with hardware.

The candidate should also have strong proficiency in C.)

python,bootloaders,secure boot,debugging tools,iot security,authentication,c/c++,static/dynamic code analysis,c programming,encryption,threat modelling,firmware security,vulnerability assessment,embedded systems,penetration testing,firmware development,secure development lifecycle,reverse engineering,team collaboration,"low level firmware development",microcontrollers