Embedded Device Security Consultant - USA

IOActive is seeking an Embedded Device Security Consultant to perform high-end security evaluations and research for their clients. The role involves investigating attack scenarios, developing offensive and defensive strategies, and communicating vulnerabilities to technical staff. Consultants must have expertise in C, Java, and embedded systems, and be capable of working independently and with a strong technical background.

Requirements

• Rapid identification of attack surfaces and entry points
• Ability to connect and use JTAG/on-chip Debuggers
• Low-level C code review
• FreeRTOS, Android, Linux kernel drivers, protocol parsing
• Sandbox policy review
• Crypto implementation code reviews
• Java, especially Android app side
• ARM 32- and 64-bit assembly
• Extensive Git/GitHub experience
• Wi-Fi/Bluetooth
• Reverse engineering, specifically firmware
• Hardware/embedded system hacking
• Vulnerability assessment and penetration testing
• Knowledge of security-related topics
• Consulting skills + Experience
• Ability to work independently under deadline
• Rigorous attention to detail and strong analytic skills
• Ability to write test plans
• Excellent command of written and spoken English
• Comfortable working in a multinational team
• Logical and structured approach to projects

Benefits

• PTO
• Medical
• Dental
• Vision
• 401(k) match
• Long and Short Term Disability
• Life Insurance
• Employee Assistance Program (EAP)
• Business Travel Insurance