We are looking for a Senior Embedded Security Researcher to join our elite cybersecurity team leading end-to-end vulnerability research on modern Electric Vehicles (EVs). Simulating advanced threat actors, you will discover and exploit zero-day vulnerabilities across the entire vehicle architecture – including Telematics (TCU), Infotainment (IVI), Central Gateways, VCU, ADAS, and Safety-Critical ECUs. This role bridges deep hardware-level assessments with advanced software exploitation to improve global automotive security resilience.
Role & Responsibilities
- Hardware Security: Extract embedded firmware, establish debug access, and defeat hardware-level security and anti-tampering mechanisms
- Vulnerability Research: Reverse-engineer embedded systems and proprietary binaries to identify and exploit vulnerabilities.
- Exploit Chaining & Lateral Movement: Develop and chain exploits to bypass network segregation, transitioning from remote external access to control over internal safety-critical domains.
- Protocol Analysis: Intercept, analyze, and fuzz proprietary remote interfaces and internal vehicle network communications.
- Tooling & Mitigation: Create custom automation, fuzzing, and emulation tools. Propose secure design improvements and support coordinated vendor disclosure.
Must Have
- 5+ years in vulnerability research and exploitation of complex embedded systems.
- 5+ years of code-level reverse engineering experience.
- 2+ years of hardware security analysis experience, including physical component inspection, interface identification, and firmware extraction.
- Strong programming skills (C/C++, Python) for exploit development and custom tooling.
- Deep understanding of embedded OS internals and modern exploit mitigations.
Nice to Have
- In-depth knowledge of modern automotive network architectures and protocols.
- Experience with advanced hardware defeat techniques.
- Experience in hardware development.
- Recognized contributions to security research, CVEs, or presentations at major security conferences.
