Embedded Device Security Consultant - Cheltenham, UK
IOActiveEngland, United Kingdom
Posted November 12, 2020
Full Time
About the Company
IOActive is a trusted provider of research-driven security services to Global 1000 enterprises. Specializing in full stack penetration testing, program efficacy assessments, and hardware hacking, IOActive offers a unique attacker's perspective to enhance clients' security posture and business resilience. With a decade of experience and a commitment to unrelenting value, IOActive stands out in the industry with its 100% service satisfaction guarantee and diverse clientele across various sectors.
Job Description
IOActive is seeking an Embedded Device Security Consultant to perform high-end security evaluations for clients, focusing on a range of embedded devices. The role requires expert knowledge in areas like C, Java, assembly, and cryptography, and involves vulnerability research, exploitation, and communication with clients. The position involves maintaining a high level of expertise in known threats and technical advances in embedded security.
Requirements
- Rapid identification of attack surfaces and entry points
- Ability to connect and use JTAG/on-chip Debuggers
- Low-level C code review
- FreeRTOS, Android, Linux kernel drivers, protocol parsing
- Sandbox policy review (SELinux/SE Android)
- Crypto implementation code reviews (for secure boot and code signing)
- Java, especially Android app side
- ARM 32- and 64-bit assembly
- Extensive Git/GitHub experience
- Wi-Fi/Bluetooth
- Reverse engineering, firmware analysis
- Hardware/embedded system hacking
- Vulnerability assessment and penetration testing
- Knowledge of security-related topics (authentication, entitlements, etc.)
Benefits
- Equal Opportunity Employer