Apply on Employer Site

IOActive, Inc. · 4 months ago

Senior Embedded Security Consultant - US

Seattle, WA

Full-time

Hybrid

Senior Level

$90K/yr - $175K/yr

5+ years exp

IOActive, Inc. is a trusted partner for Global 1000 enterprises, providing research-fueled security services across all industries. They are seeking a Senior Embedded Device Security Consultant who will be responsible for performing high-end security evaluations and research focused on embedded devices, including automobiles and medical devices, while delivering high-quality results to clients worldwide.

ConsultingInformation TechnologySecuritySoftware

Growth Opportunities

H1B Sponsor Likely

Responsibilities

Investigate possible logical attack scenarios by interpreting the code review findings, orienting the attack paths, and analyzing the test results

Develop sophisticated, state-of-the-art attacks that integrate the latest attack methods against embedded products

Create tools to assist in project goals

Communicate complex vulnerabilities to both technical and non-technical client staff

Perform research on new attack vectors, discover new vulnerabilities, create new exploitation techniques

Evangelize IOActive Labs through blogs, white papers, presentations, etc

Support business development efforts through the scoping of engagements

Qualification

Embedded security expertiseReverse engineeringVulnerability assessmentPenetration testingProgramming languagesCryptographyARM microprocessorsSoldering skillsLinux knowledgeAnalytic skillsLogical project approachEnglish commandAttention to detailTeam collaboration

Required

Ability to connect and use JTAG/Onchip Debuggers

Soldering skills to remove flash chips and solder on test leads

Reverse Engineering, specifically Firmware

Knowledge of ARM and other embedded microprocessors

Knowledge of Linux and other embedded OSs

Proficient in at least one mainstream programming language (Java, Rust, .NET, C or C++)

Hardware/embedded system hacking

Development experience in software on embedded products

Reverse engineering and source code review experience

Vulnerability assessment and penetration testing experience

Knowledge of security-related topics, such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage, etc

Knowledge of cryptography is desirable

Ability to work independently under deadline

Rigorous attention to detail and strong analytic skills

Excellent command of written and spoken English

Comfortable working as part of a multi-national and multi-disciplinary team

Logical and structured approach to projects

Five years or more of relevant work experience in high-paced, enterprise environment

Benefits

PTO

Holiday

Medical

Dental

Vision

401(k) match

Long and Short Term Disability

Life Insurance

Employee Assistance Program (EAP)

Business Travel Insurance

Company

IOActive, Inc.

IOActive is a trusted partner for Global 1000 enterprises, providing research-fueled security services across all industries.

Founded in 1998

Seattle, Washington, USA

51-200 employees

http://www.ioactive.com

H1B Sponsorship

IOActive, Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (2)

2022 (1)

2021 (1)

2020 (3)