Match score not available

Senior Embedded Security Consultant - Cheltenham, UK

unlimited holidays - extra holidays - extra parental leave - long remote period allowed

Remote:

Full Remote

Contract:

Full time

Experience:

Senior (5-10 years)

Work from:

United Kingdom

Offer summary

Qualifications:

Bachelor's degree in relevant field, 5+ years experience in similar role.

Key responsabilities:

Perform security evaluations for embedded devices
Develop advanced attack scenarios and methods
Communicate vulnerabilities to technical and non-technical audience
Research new attack vectors and create exploitation techniques
Collaborate with team members on project delivery

IOActive, Inc. Cybersecurity SME https://ioactive.com/

51 - 200 Employees

See more IOActive, Inc. offers

Job description

Description

This is not a Remote position. This position is expected to report for work at our security lab in Cheltenham, United Kingdom.

Senior Embedded Device Security Consultant - Cheltenham, UK

Founded in 1998 with US headquarters in Seattle, IOActive is a cutting-edge firm that blends opportunities for career and personal advancement with a positive and challenging work environment. We seek talented people from around the world to join our diverse, growing team of consultants. We look for broad, robust skill sets – Reverse Engineering, Code Reviewer, Hardware Hacking, and Network and Application Penetration Testing.

Senior Embedded Device Security Consultants are responsible for performing high-end security evaluations and research for our clients focusing on embedded devices. This includes automobiles, payment devices, mobile phones, and medical devices. The consultant will work with other team members to deliver high-quality results to IOActive’s clients throughout the world.

Our consultants maintain a high level of expertise regarding known threats and technical advances in embedded security. This requires expert knowledge in areas such as C, Java and Assembly languages, Open Platform, EMV standards, and cryptography.

What you’ll do:

The Senior Embedded Device Security Consultant will undertake advanced level security evaluation tasks and duties in order to meet customer requirements and project deadlines. This includes:

Investigate possible logical attack scenarios by interpreting the code review findings, orienting the attack paths, and analyzing the test results
Develop sophisticated, state-of-the-art attacks that integrate the latest attack methods against embedded products
Create tools to assist in project goals
Communicate complex vulnerabilities to both technical and non-technical client staff
Perform research on new attack vectors, discover new vulnerabilities, create new exploitation techniques
Evangelize IOActive Labs through blogs, white papers, presentations, etc.
Support business development efforts through the scoping of engagements

What you bring:

Technical Skills

Ability to connect and use JTAG/Onchip Debuggers
Soldering skills to remove flash chips and solder on test leads
Reverse Engineering, specifically Firmware
Knowledge of ARM and other embedded microprocessors
Knowledge of Linux and other embedded OSs
Proficient in at least one mainstream programming language (Java, .NET, C or C++)
Hardware/embedded system hacking
Development experience in software on embedded products
Reverse engineering and source code review experience
Vulnerability assessment and penetration testing experience
Knowledge of security-related topics, such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage, etc.
Knowledge of cryptography is desirable
Ability to work independently under deadline
Rigorous attention to detail and strong analytic skills
Excellent command of written and spoken English
Comfortable working as part of a multi-national and multi-disciplinary team
Logical and structured approach to projects
Five years or more of relevant work experience in high-paced, enterprise environment

Security Skills

Reverse engineering and source code review experience
Vulnerability assessment and penetration testing experience
Knowledge of security-related topics, such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage, etc.
Knowledge of cryptography is desirable

Consulting Skills + Experience

Ability to work independently under deadline
Rigorous attention to detail and strong analytic skills
Excellent command of written and spoken English
Comfortable working as part of a multi-national and multi-disciplinary team
Logical and structured approach to projects

5+ years or more of relevant work experience in high-paced, enterprise consulting environment

Why IOActive:

We have over 20 years of experience that’s established and stable; yet high-growth with the energy, passion and dynamic work environment of a startup.

We are renowned for our innovation and thought leadership within our high-profile, cutting edge space.

We're one of “the good guys” doing crazy cool stuff to thwart bad guys in a critically important business, social and political arena. Our work is great fun with great importance.

Above all else, we value our people and our customers. Relationships matter.

Join us!

IOActive is proud to be an Equal Opportunity Employer.