Participate in project teams applying knowledge of embedded systems to perform vulnerability testing of embedded systems including IoT devices, automotive embedded control units (ECUs). Develop clearly written documentation describing engineering concepts, designs, project results and other project related artifacts. Contribute new ideas, approaches and techniques during project meetings. Preparation of formal and informal technical presentations for prospective clients, existing clients and conferences. Projects commonly require limited travel to client sites.
Requires a Bachelors or Masters degree in Computer Engineering, Electrical Engineering, or Computer Science with at least a 3.25 GPA and 0 – 2 years of hardware and software skills. Coursework or project experience in computer, embedded system, IoT, network, or software security vulnerability testing. Must have ability to be a part of an engineering team, e.g. strong oral and written communication skills; must have experience with boot loaders and embedded applications, knowledge of Windows, Linux, Android and iOS; experience with security evaluation and threat assessments of embedded systems; must have an understanding of common cryptographic algorithms and protocols; must have an understanding of common weaknesses and modern attacks on cryptographic algorithms and protocols; must be familiar with compiler internals, debuggers, disassemblers, and other low level development and analysis tools. Skills required: Strong language skills (both written and verbal), problem solving skills, ability to think critically and creatively, demonstrated ability to program in multiple programming languages; relevant languages include assembly, Java, C/C++, Python, C#, experience using Linux, Windows and Microsoft Office suite, trained and experienced in both hardware and software skills; demonstrated, practical understanding of computer architectures, willingness and ability to learn new systems and technologies quickly. Preferred knowledge includes: strong understanding of embedded systems / software, hardware skills to include printed circuit board (PCB) reverse engineering, application of common microcontroller programming tools and debugging interfaces, data bus monitoring (snooping) and data injection, communications protocol analysis, wireless communications channel snooping and data injection. Additional software skills could include: software/firmware extraction, reverse engineering, and functional analysis, memory image capture, static memory analysis, and data element extraction, system security architecture analysis and design, and risk management analysis, encryption system implementation analysis for multiple encryption types (symmetric and asymmetric). Travel required. A valid/clear driver's license is required.
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Applicant must be a U.S. citizen.
Job code: 10-00977