Embedded Systems
Embedded Systems
Posted on :
02-09-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Description:
This role involves conducting and facilitating penetration testing at the vehicle component and functional levels. The candidate will simulate real-world attack scenarios targeting embedded systems automotive interfaces wireless protocols and connected services.
Key Responsibilities:
Contribute to the development and continuous improvement of Cybersecurity Verification & Validation (V&V) activities.
Define tailor and execute/facilitate grey-box and black-box penetration testing at ECU functional and vehicle levels.
Conduct fuzz testing on automotive interfaces and services to uncover unknown vulnerabilities.
Demonstrate compliance with automotive cybersecurity standards and regulations such as ISO/SAE 21434 UNECE R155 AIS 189 and GB 44495.
Perform penetration testing in both lab and on-site environments with flexibility for travel.
Perform manual security code reviews to identify vulnerabilities in embedded software and connected systems.
Document test findings with detailed risk assessments and technical evidence
Share with internal and external teams recommendations on security hardening measures
Onboard and collaborate with competent external suppliers
Occasionally conduct penetration testing of web applications APIs and mobile applications
Required Qualifications:
Bachelors or Masters degree in Electrical/Electronics Engineering Embedded Systems Cybersecurity or a related field.
Minimum 4 years of hands-on experience in automotive penetration testing with 7 9 years of total experience in embedded systems or broader penetration testing domains.
Strong understanding of vehicle and ECU architecture and automotive cybersecurity principles.
Familiarity with microcontroller platforms and software architectures (e.g. AUTOSAR QNX Linux Android).
Proficiency in programming (C CAPL etc.) and scripting (Python Bash) for test automation.
Experience with automotive cybersecurity testing frameworks and tools.
Hands-on security testing experience with:
o Hardware-level and its interface testing (e.g. MCU HSM eMMC JTAG UART Fault injection Side Channel etc.)
o Automotive interface/protocols (e.g. OBD UDS CAN Ethernet)
o Wireless (e.g. Bluetooth Wi-Fi Cellular/SDR -4G/5G etc.)
o Connected Systems (Web/Mobile app Server APIs Cloud etc.)
o Vehicle and ECU security features (e.g. secure communication secure OTA secure boot secure diagnostics firewall IDS logging etc.)
o Fuzz testing tools and techniques for automotive systems
Proficiency in reverse engineering firmware using tools like Ghidra or IDA Pro.
Experience with restbus simulation flashing toolchains and diagnostic tools (e.g. CANoe vFlash ).
Experience conducting manual security code reviews for embedded and connected system software.
Strong documentation communication and presentation skills.
Strong skills in documenting work communicating clearly and presenting technical topics to varied audiences.
Proven stakeholder management skills including cross-functional collaboration with engineering compliance and supplier teams.
Nice-to-Have:
Industry certifications such as OSCP OSCE GIAC GPEN or equivalent.
Experience with fault injection and side-channel attack simulations.
Background in security research or conference presentations including vulnerability discovery technical publications or community contributions.
Enable Skills-Based Hiring No Key Responsibilities:
Contribute to the development and continuous improvement of Cybersecurity Verification & Validation (V&V) activities.
Define tailor and execute/facilitate grey-box and black-box penetration testing at ECU functional and vehicle levels.
Conduct fuzz testing on automotive interfaces and services to uncover unknown vulnerabilities.
Demonstrate compliance with automotive cybersecurity standards and regulations such as ISO/SAE 21434 UNECE R155 AIS 189 and GB 44495.
Perform penetration testing in both lab and on-site environments with flexibility for travel.
Perform manual security code reviews to identify vulnerabilities in embedded software and connected systems.
Document test findings with detailed risk assessments and technical evidence
Share with internal and external teams recommendations on security hardening measures
Onboard and collaborate with competent external suppliers
Occasionally conduct penetration testing of web applications APIs and mobile applications
Required Qualifications:
Bachelors or Masters degree in Electrical/Electronics Engineering Embedded Systems Cybersecurity or a related field.
Minimum 4 years of hands-on experience in automotive penetration testing with 7 9 years of total experience in embedded systems or broader penetration testing domains.
Strong understanding of vehicle and ECU architecture and automotive cybersecurity principles.
Familiarity with microcontroller platforms and software architectures (e.g. AUTOSAR QNX Linux Android).
Proficiency in programming (C CAPL etc.) and scripting (Python Bash) for test automation.
Experience with automotive cybersecurity testing frameworks and tools.
Hands-on security testing experience with:
o Hardware-level and its interface testing (e.g. MCU HSM eMMC JTAG UART Fault injection Side Channel etc.)
o Automotive interface/protocols (e.g. OBD UDS CAN Ethernet)
o Wireless (e.g. Bluetooth Wi-Fi Cellular/SDR -4G/5G etc.)
o Connected Systems (Web/Mobile app Server APIs Cloud etc.)
o Vehicle and ECU security features (e.g. secure communication secure OTA secure boot secure diagnostics firewall IDS logging etc.)
o Fuzz testing tools and techniques for automotive systems
Proficiency in reverse engineering firmware using tools like Ghidra or IDA Pro.
Experience with restbus simulation flashing toolchains and diagnostic tools (e.g. CANoe vFlash ).
Experience conducting manual security code reviews for embedded and connected system software.
Strong documentation communication and presentation skills.
Strong skills in documenting work communicating clearly and presenting technical topics to varied audiences.
Proven stakeholder management skills including cross-functional collaboration with engineering compliance and supplier teams.
Nice-to-Have:
Industry certifications such as OSCP OSCE GIAC GPEN or equivalent.
Experience with fault injection and side-channel attack simulations.
Background in security research or conference presentations including vulnerability discovery technical publications or community contributions.
Additional Details
- Planned Resource Unit : (55)ITTRUCKS;(13)F/TC - Application Manager - 6-9 Yrs;Application Development;(Z3)6-9 Years
Employment Type
Full-time
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
