Embedded Software Security Engineer

Overview

On Site
Depends on Experience
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 6 Month(s)

Skills

C
C++
ARM
Embedded Security
cryptography
encryption

Job Details

Hi,

Please find below the JD and let me know your interest for the below role.

Software Security Engineer

Plano, TX (Hybrid)

Contract Role

Required Experience: 12+ Yrs

Job Description

Red Team Software Security Engineer

Overview:

Embedded within the Product Cybersecurity Group (PCG), the Product Security Testing Team (PSTT) performs advanced security testing engagements for pre-production automotive solutions worldwide.

In this role, you will be analyzing embedded system security, developing tools and proof-of-concept exploits and reverse engineering software from bootloaders to userland applications. We are looking for candidates who are passionate about system security and understand the landscape of software security defenses and features.

Responsibilities:

  • Perform analysis of security requirements specifications against implementation
  • Execute penetration testing and reverse engineering of software and firmware.
  • Communicate complex technical findings, remediation guidance and recommendations.
  • Develop skills through research on new attack vectors, vulnerabilities, and exploits.

Qualifications:

  • Bachelor s degree (or higher) in Computer Engineering, Computer Science, Cybersecurity or related is strongly desired.
  • Proficient in C, C++, ARM and/or Python (specifically for writing tools to help tasks)
  • Knowledge of core, fundamental security concepts (e.g., cryptography, encryption)
  • Knowledge of embedded security features and best practices (e.g., Secure Boot)
  • Experience with Linux and other embedded operating systems.
  • Experience with reverse engineering and binary analysis tools (e.g., IDA Pro, Ghidra)
  • Experience evaluating system security based on standard controls (e.g., SELinux)
  • Experience with identifying software security issues and vulnerabilities.

Additional Valued Attributes:

  • Knowledge of software fuzzing techniques and solutions (e.g., BAP, AFL)
  • Knowledge of symbolic execution and other advanced binary analyses (e.g. angr)
  • Experience with vulnerability analysis using CVSS scoring and CWE types.
  • Experience in penetration testing and requirements verification.
  • Experience in performing code audit or assessments.