Offensive Embedded Security Engineer - Vulnerability Research - Red Team
Lucid Motors
Role: Offensive Embedded Security Engineer - Vulnerability Research - Red Team
Role Overview:
We are seeking an Embedded Security Engineer with a deep understanding of firmware and Linux-based embedded systems, who can reverse-engineer code, develop fuzzing tools, and conduct in-depth vulnerability research. The ideal candidate will be well-versed in ARM instructions and taint analysis, and have fundamental knowledge of emulation tools like QEMU. Automotive experience is a plus.
Key Responsibilities:
Firmware Analysis & Reversing:
- Examine embedded firmware (including Linux-based) at both high and low levels to identify security weaknesses.
- Disassemble and reverse-engineer ARM code using tools such as IDA Pro, Ghidra, or Binary Ninja.

Vulnerability Research & Exploitation:
- Develop and implement custom fuzzing frameworks targeting embedded systems.
- Conduct taint analysis to trace data flow and isolate security-critical functions.
- Discover, document, and demonstrate vulnerabilities, providing clear remediation strategies.

Emulation & Testing:
- Utilize QEMU or similar emulation platforms to recreate hardware environments for testing and analysis.
- Integrate emulated targets into CI/CD pipelines for continuous vulnerability scanning.

Automation & Tooling:
- Create specialized scripts and tools to streamline firmware extraction, binary analysis, and fuzzing processes.
- Automate complex testing routines to optimize security assessment workflows.

Cross-Team Collaboration:
- Work closely with hardware, software, and broader security teams to share findings, guide secure development practices, and implement fixes.
- Collaborate with automotive specialists to adapt research methods for vehicle control units (ECUs) and other automotive platforms.

Research & Knowledge Sharing:
- Keep abreast of emerging trends and techniques in embedded security, sharing insights with the team.
- Participate in security conferences, workshops, or internal training sessions to foster a culture of learning and continuous improvement.

Required Qualifications:
Education & Experience:
- Bachelor’s degree in Computer Science, Electrical Engineering, or a related field is required. Master’s degree or higher education is preferred.
- Proven track record in embedded systems security, vulnerability research, and exploit development.

Technical Skills:
- Firmware Analysis: Experience with both bare-metal and Linux-based firmware, capable of navigating U-Boot, BusyBox, and similar environments.
- Reverse Engineering: Familiarity with ARM instruction sets and disassembly/reversing tools (IDA Pro, Ghidra, Binary Ninja).
- Fuzzing & Taint Analysis: Demonstrated ability to design custom fuzzers and perform data flow/taint analysis.
- Emulation: Hands-on experience using QEMU or similar tools to emulate embedded hardware and software.
- Scripting & Programming: Proficiency in Python, C/C++, or other languages relevant to firmware analysis and exploit creation.