Wireless Security Engineer

Description:
In this role you will play a crucial part in shaping the overall cybersecurity posture for client. As a wireless security testing engineer, you will be responsible for leading and performing advanced wireless security testing engagements for current and forward-model systems throughout clients ecosystem, focusing on wireless protocols and technologies, including Bluetooth Classic/Low Energy, Wi-Fi (WPA2, WPA3), and Cellular (3G, and 4G LTE). The successful candidate will be a highly technical, passionate, and self-driven individual who loves to learn, solve problems, and contribute to the advancement of the team.

Summary:
This position's responsibilities include:
Setting up a test environment to conduct analysis of the communication between the UE and eNodeB
Identifying methods to manipulate Remote SIM Provisioning including but not limited to SIM Jacking attack
Performing security assessments on wireless devices to identify potential vulnerabilities
Identifying various methods to circumvent security controls such as authentication mechanism on various wireless devices such as Bluetooth/Wi-Fi, NFC etc.
Capturing wireless communications between a smart phone, and Device Under Test (DUT), and identify ways to impersonate the device
Attempting to extract and/or capture secret keys exchanged during the authentication between the two wireless devices
Identifying where secret keys are stored persistently upon a successful authentication between two devices
Identifying the type of authentication and security mode BLE peripheral/central and WPA supports
Performing analysis on the secure link during the BLE pairing process and identify potential misconfigurations or security flaws
Identifying and exploiting the vulnerabilities in NFC systems such as a mobile phone used to transmit RF signal to lock/unlock doors
Capturing, decoding and/or performing replay/relay attacks against key fobs using SDR and
Generating test reports, and recommending the appropriate course of action, and supporting the mitigation and re-validation efforts
Participating in research activities to investigate vulnerabilities, emerging cyber threats, and new technologies

Requirements:
Strong technical expertise in various wireless protocols such as GSM, Wi-Fi, Bluetooth, NFC, and UWB
Ability to perform various types of security tests such as penetration testing, fuzz testing, and evaluating the security requirements for wireless technologies
Hands-on experience regarding security testing Cellular network, Wi-Fi, BT/BLE, and NFC
Familiarity and ability to operate GSM simulators tools such as Keysight, Anritsu, and Wi-Fi, BT/BLE analyzers and testing suites
Experience with scripting and automation tools for collecting and analyzing data
Advance knowledge of LTE, WPA2/3, NFC, BT/BLE security features
Experience with static and dynamic code analysis
Experience with wireless specifications for LTE, and Bluetooth
Automotive industry experience