Embedded Security Testing Engineer

Overview

Hybrid
Depends on Experience
Contract - Independent
Contract - W2
Contract - 12 Month(s)

Skills

advanced security
TCP / IP
C + +
C +
vulnerability analysis
Linux

Job Details

Sensiple Inc., service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media, and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details, please visit our website:

We have been retained for providing recruiting assistance, for direct hires, by one of the world-leading information technology consulting, services, and business process outsourcing organization that envisioned and pioneered the adoption of the flexible global business practices that today enable companies to operate more efficiently and produce more value.

Sensiple, Inc. is an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to gender, race, color, religion, sex, national origin, veteran or disability status.

Our client is looking for a Embedded Security Testing Engineer, HYBRID- PLANO, TX

. This is a 12 plus months contract role. Please find below the details of the position.

Job Description

Position Title: Embedded Security Testing Engineer

Location: HYBRID- PLANO, TX

Length: Long term Contract

Job Description:

In this role you will play a pivotal role in shaping the overall cybersecurity posture for Toyota. As an embedded security testing engineer, you will be responsible for leading and performing advanced security testing engagements for current and forward-model systems throughout Toyota s Connected Car ecosystem.

Responsibilities:

  • Perform analysis of security requirements specifications and generate corresponding test specifications for a variety of products during design phase
  • Lead and perform execution of security test specifications during verification phase ensuring that the specified security requirements have been implemented sufficiently
  • Perform other testing activities including pen testing and reverse engineering against embedded hardware and firmware with goals of identifying implementation flaws
  • Communicate complex technical findings, remediation guidance and recommendations effectively both verbally and written to technical and non-technical staff
  • Research and stay up to date on new attack vectors, vulnerabilities, and exploitation techniques
  • Lead and participate in small to large-scale individual and matrix-based groups, initiatives, or mentoring others in technical/functional security areas
  • Lead and participate in technology security design reviews with the ability to efficiently communicate potential issues and risks

Qualifications:

  • Bachelor s degree in Electrical Engineering, Computer Science, Cybersecurity or related is strongly desired
  • Demonstrate a good working knowledge of core security concepts, embedded security best practices (e.g. secure boot, secure debug, secure storage, secure communications) and the secure development lifecycle activities
  • Hands-on experience with designing and testing of the core embedded security concepts above
  • Experience with reverse engineering and binary analysis methods and tools (e.g. IDA Pro, Ghidra)
  • Experience with vulnerability analysis using CVSS scoring and CWE types
  • Knowledge of Linux and other embedded operating systems is preferred
  • Proficient in C, C++, Python (specifically for writing tools to help tasks)
  • Hands-on experience securing Linux, MacOS, Windows and Android operating systems
  • Ability to handle tasks with significant complexity under minimal supervision requiring a high degree of technical competence
  • Experience with on-board communication interfaces such JTAG, SPI, UART, and SWD

Additional Valued Attributes:

  • Experience in designing, developing and debugging embedded security applications is a plus
  • Familiarity with Automotive and Industry standards and best practices such at ISO-SAE 21434, SAE J3101
  • Knowledge of common communication protocols found in the automotive ecosystem such as TCP/IP, Automotive Ethernet, CAN, LIN, MOST, 3G/4G/LTE, Bluetooth, BLE, Wi-Fi
  • Knowledge of cryptography and applied cryptography for provisioning secure hardware is desirable
  • Knowledge of ARM (including Trust Zone architecture) and other embedded microprocessors
  • Practical experience with security controls for POSIX type operating systems
  • Understanding of SoC security technologies (e.g. eFuses, HAB)
  • Experience designing small PCBs for testing purposes
  • Hands-on experience with soldering and chip-off equipment
  • Familiarity with reading wiring schematics and component datasheets
  • Experience with vulnerability management process (from proof-of-concept to remediation)

If you find yourself suitable for this position, kindly send your updated resume and expected hourly rate to or reach us @.

Regards

Sharumathi | Sensiple Inc.,

Ext (509)

555 US Highway 1 S, Ste 330 Iselin, NJ 08830