Login Sign Up
🔔 FCM Loaded

Penetration Tester – Hardware & OT/IACS Security Specialist

Themesoft Inc.

2 - 5 years

Hyderabad

Posted: 12/02/2026

Getting a referral is 5x more effective than applying directly

Job Description

Job Description: Penetration Tester Hardware & OT/IACS Security Specialist

Level- SA level.

Location- Hyderabad.


Job Summary

  • We are seeking a highly skilled and curious Penetration Tester with a strong background in hardware hacking and industrial cybersecurity. This role focuses on identifying vulnerabilities across Operational Technology (OT), Information Technology (IT), and Industrial Automation and Control Systems (IACS) environments. You will simulate real-world attacks, reverse-engineer embedded systems, and assess the resilience of critical infrastructure components.


Key Responsibilities

  • Conduct penetration tests on embedded systems, PLCs, HMIs, and industrial controllers.
  • Perform hardware-level attacks including firmware extraction, JTAG/SWD probing.
  • Analyze and reverse-engineer firmware and binaries from industrial devices.
  • Develop custom exploits and payloads for proprietary protocols and hardware.
  • Collaborate with engineering and security teams to recommend mitigation strategies.
  • Document findings in detailed technical reports and present to stakeholders.
  • Stay current with emerging threats in OT/IACS and hardware security domains.


Required Qualifications

  • Proven experience in penetration testing, especially in OT/IACS environments.
  • Strong knowledge of embedded systems, microcontrollers, and hardware interfaces (UART, SPI, I2C, JTAG).
  • Familiarity with ICS protocols and architectures.
  • Proficiency in reverse engineering tools (IDA Pro, Ghidra, Radare2).
  • Experience with hardware debugging tools (oscilloscopes, logic analyzers, chip programmers).
  • Solid understanding of threat modeling and risk assessment in industrial contexts.
  • Programming/scripting skills (Python, C, Bash, etc.).


Preferred Qualifications

  • Certifications such as OSCP, GICSP, or CEH.
  • Experience with SCADA systems and industrial network monitoring.
  • Knowledge of safety-critical systems and regulatory standards (IEC 62443, NIST SP 800-82).
  • Hands-on experience with fuzzing, fault injection, and secure boot bypass techniques.
  • Experience in Renesas hardware hacking, e.g., RX66N.



Soft Skills

  • Analytical mindset with attention to detail.
  • Strong communication skills for technical and non-technical audiences.
  • Ability to work independently and in cross-functional teams.
  • Passion for ethical hacking and continuous learning.

Services you might be interested in

Improve Your Resume Today

Boost your chances with professional resume services!

Get expert-reviewed, ATS-optimized resumes tailored for your experience level. Start your journey now.

getmereferred logo Know more