Automotive Cybersecurity Penetration Testing

Primary Skills:

• Targeted pen testing/security analysis of ECU features at all levels e.g., secure boot, secure OS/TEE, secure protocol implementation, key management systems, debug access activation methods, paid feature activation, system architecture, etc.
• Good Knowledge of modern automotive embedded systems, secure boot in all facets, baseband (LTE/GSM), Android/Linux/Autosar, CAN/Ethernet.
• Liaising with ECU SW developers to explain security issues and provide feedback on proposed solutions.
• Supporting the security test developers by providing input to new features and regression test development.
• Good Knowledge of Reverse engineering, fuzzing (custom fuzzer development), PoC exploit development, source code review, hardware tampering, design reviews.

Must have:

• Very good knowledge of cyber security, embedded systems and cryptography, which you are passionate about developing on a daily basis.
• Relevant professional experience with pen testing and/or offensive security and reverse engineering.
• Very strong (embedded) Linux knowledge.
• Fluency in written and spoken English.

Nice to have:

• A relevant tertiary qualification with a security component.
• Knowledge of common automotive protocols.
• Experience with automotive bus and protocol analysis tools.
• Any relevant technical certifications - e.g., OSCP