Security engineer

Role: Product Security Engineer, Wireless Security

Location:Plano, Tx (3 days onsite everyweek and 2 days remote)

Duration:12+ Months

Client:Toyota



Description

This role is responsible for strengthening the cybersecurity posture of connected vehicle platforms by leading and executing advanced wireless penetration testing across the Connected Car ecosystem. As a Wireless Security Penetration Tester, you will assess current and next generation vehicle systems by identifying, exploiting, and validating security weaknesses across a broad range of wireless and RF-based technologies, including Bluetooth (Classic and BLE), WiFi (WPA2/WPA3), Cellular (LTE/5G), NFC, UWB, GNSS, and related protocols. You will design and operate sophisticated test environments, analyze complex wireless communications, and simulate real-world attack scenarios to evaluate the effectiveness of security controls. This role requires deep technical expertise , curiosity, and a strong research mindset to stay ahead of emerging threats, contribute to mitigation strategies, and continuously advance the teams wireless security capabilities.



Essential Functions:

Perform penetration testing across Bluetooth (Classic/BLE), Wi-Fi, NFC, UWB, Cellular (LTE/5G), GNSS, and other RF-based vehicle subsystems

Setting up a test environment to conduct analysis of the communication between the UE and eNodeB

Performing security assessments on wireless devices to identify potential vulnerabilities

Identifying various methods to circumvent security controls such as authentication mechanism on various wireless devices such as Bluetooth/Wi-Fi, NFC, etc.

Capturing wireless communications between a smart phone, and Device Under Test (DUT), and identify ways to impersonate the device

Attempting to extract and/or capture secret keys exchanged during the authentication between the two wireless devices

Identifying where secret keys are stored persistently upon a successful authentication between two devices

Identifying the type of authentication and security mode BLE peripheral/central and WPA supports

Performing analysis on the secure link during the BLE pairing process and identify potential misconfigurations or security flaws

Identifying and exploiting the vulnerabilities in NFC systems

Capturing, decoding and/or performing replay/relay attacks

Generating test reports, and recommending the appropriate course of action, and supporting the mitigation and re-validation efforts

Participating in research activities to investigate vulnerabilities, emerging cyber threats, and new technologies



Requirements:

Deep technical knowledge of wireless and RF-based technologies including Bluetooth (Classic/BLE), WiFi (WPA2/WPA3), Cellular (LTE/5G), NFC, UWB, GNSS, and related protocols, with the ability to assess and exploit security weaknesses.

Ability to plan and execute advanced penetration testing activities, including authentication bypass, key extraction, replay/relay attacks, and exploitation of protocol and implementation flaws.

Strong analytical skills to evaluate complex wireless communications, pairing processes, and secure links to identify misconfigurations, design weaknesses, and security vulnerabilities.

Experience designing, building, and operating controlled test environments to simulate real-world attack scenarios, including UEeNodeB communication analysis and multi-device wireless interactions.

Proactive approach to researching emerging wireless threats, vulnerabilities, tools, and technologies, and applying findings to continuously improve testing methodologies and security posture.

Ability to produce clear, actionable penetration testing reports that document findings, assess risk, recommend mitigations, and support remediation and re-validation efforts.