Hardware Security and Vulnerability Analyst/Remote

Job Title- Hardware Security and Vulnerability Analyst

Location-Remote

Job Summary

We are seeking a Hardware Security and Vulnerability Analyst to assess, identify, and mitigate security risks in hardware platforms, embedded systems, and device firmware. The role involves conducting security assessments, vulnerability analysis, threat modeling, and collaborating with engineering teams to design secure hardware solutions throughout the product lifecycle.

Key Responsibilities

• Perform hardware security assessments and vulnerability analysis for embedded devices, SoCs, PCBs, and firmware.
• Identify, analyze, and validate hardware vulnerabilities using manual and automated techniques.
• Conduct threat modeling and security risk assessments for hardware products.
• Perform firmware and bootloader security analysis.
• Assess hardware interfaces such as JTAG, UART, SPI, I2C, USB, PCIe, and debug ports for potential security weaknesses.
• Evaluate secure boot, TPM, Trusted Execution Environment (TEE), Secure Enclave, and hardware root of trust implementations.
• Support penetration testing of embedded and IoT devices.
• Analyze side-channel attack and fault injection risks where applicable.
• Review hardware architecture and design documents for security compliance.
• Collaborate with hardware, firmware, and software engineering teams to remediate identified vulnerabilities.
• Document findings, prepare technical reports, and recommend mitigation strategies.
• Stay current with emerging hardware attack techniques, vulnerabilities, and industry best practices.

Required Qualifications

• Bachelor's or Master's degree in Computer Science, Electronics, Electrical Engineering, Cybersecurity, or a related field.
• Strong understanding of computer architecture and embedded systems.
• Knowledge of hardware security principles and secure hardware design.
• Experience with firmware analysis and reverse engineering.
• Familiarity with cryptographic concepts and secure key management.
• Understanding of hardware communication protocols and debugging interfaces.
• Experience with Linux and embedded operating systems.
• Programming or scripting skills in C, C++, Python, or Bash.

Preferred Skills

• Experience with hardware penetration testing tools and laboratory equipment (oscilloscopes, logic analyzers, JTAG debuggers, Bus Pirate, ChipWhisperer, etc.).
• Knowledge of secure boot, TPM, HSM, TEE, ARM TrustZone, or Intel SGX.
• Familiarity with vulnerability frameworks such as CVE and CVSS.
• Experience with reverse engineering tools such as Ghidra, IDA Pro, Binwalk, or Radare2.
• Knowledge of hardware attack techniques including glitching, fault injection, and side-channel analysis.
• Familiarity with secure development lifecycle (SDL) and security standards such as NIST, ISO/IEC 27001, IEC 62443, or Common Criteria.

Desired Competencies

• Strong analytical and problem-solving skills.
• Attention to detail and investigative mindset.
• Ability to communicate technical findings effectively.
• Strong documentation and reporting skills.
• Ability to work collaboratively in cross-functional teams.