Apply on Employer Site

IOActive, Inc. · 4 months ago

Embedded Device Security Consultant

Atlanta, GA

Full-time

Onsite

Mid Level

$80K/yr - $120K/yr

3+ years exp

IOActive, Inc. is dedicated to making the world a safer and more secure place through their cutting-edge cybersecurity services. The Embedded Device Security Consultant will perform high-end security evaluations and research on embedded devices, develop sophisticated attacks, and communicate complex vulnerabilities to clients.

ConsultingInformation TechnologySecuritySoftware

Growth Opportunities

H1B Sponsor Likely

Responsibilities

Perform high-end security evaluations and research for our clients, focused on a range of embedded devices

Work with other team members to deliver high-quality results to IOActive’s clients throughout the world

Investigate possible logical attack scenarios by interpreting the code review findings, orienting the attack paths, and analyzing the test results

Develop sophisticated, state-of-the-art attacks that integrate the latest attack methods against embedded products

Create tools to assist in project goals

Communicate complex vulnerabilities to both technical and non-technical client staff

Perform research on new attack vectors, discover new vulnerabilities, create new exploitation techniques

Evangelize IOActive Labs through blogs, white papers, presentations, etc

Support business development efforts through the scoping of engagements

Qualification

Embedded security expertiseLow-level C code reviewVulnerability assessmentReverse engineeringJTAG/on-chip DebuggersCrypto implementation reviewsWi-Fi/BluetoothGit/GitHub experienceAnalytic skillsWrittenSpoken EnglishAttention to detailTeam collaboration

Required

Rapid identification of attack surfaces and entry points using implicit threat modeling techniques

Ability to connect and use JTAG/on-chip Debuggers

Low-level C code review

FreeRTOS, Android, Linux kernel drivers, protocol parsing

Sandbox policy review: SELinux/SE Android, seccomp, Linux name spaces, Minijail/Firejail

Crypto implementation code reviews, specifically for secure boot and code signing

Java, especially Android app side

ARM 32- and 64-bit assembly

Extensive Git/GitHub experience

Wi-Fi/Bluetooth

Reverse engineering, specifically firmware

Hardware/embedded system hacking

Vulnerability assessment and penetration testing

Knowledge of security-related topics, such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage

Ability to work independently under deadline

Rigorous attention to detail and strong analytic skills

Ability to write test plans based upon initial impressions and discussions with the team

Comfortable navigating large codebases with minimal guidance

Excellent command of written and spoken English

Comfortable working as part of a multinational and multidisciplinary team

Logical and structured approach to projects

3-5 years or more of relevant work experience in a high-paced, enterprise consulting environment

Benefits

PTO

Holiday

Medical

Dental

Vision

401(k) match

Long and Short Term Disability

Life Insurance

Employee Assistance Program (EAP)

Business Travel Insurance

Company

IOActive, Inc.

IOActive is a trusted partner for Global 1000 enterprises, providing research-fueled security services across all industries.

Founded in 1998

Seattle, Washington, USA

51-200 employees

http://www.ioactive.com

H1B Sponsorship

IOActive, Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (2)

2022 (1)

2021 (1)

2020 (3)