Logo
Cynet systems Inc

Cybersecurity Test Engineer (Penetration Tester) Job at Cynet systems Inc in Zee

Cynet systems Inc, Zeeland, MI, United States, 49464

Save Job

Job Description

The Automotive Cybersecurity Penetration Tester will focus on identifying and mitigating security vulnerabilities in wired and wireless communication interfaces related to Firmware Over-the-Air (FOTA) updates. This role involves performing penetration testing, threat modeling, and risk assessments while ensuring compliance with automotive cybersecurity standards.

Responsibilities

  • Perform penetration testing on wired (CAN, Ethernet) and wireless (Wi-Fi, Bluetooth, LTE) communication interfaces used for FOTA updates.
  • Analyze system architecture and communication flows to identify potential attack surfaces.
  • Simulate real-world cyberattacks and intrusion attempts to assess system resilience.
  • Conduct threat modeling and risk assessments on FOTA-related components and interfaces.
  • Reverse-engineer communication protocols or firmware, if necessary, to identify vulnerabilities.
  • Develop and execute custom test scripts and tools to automate exploit attempts or simulate malicious behavior.
  • Document vulnerabilities with detailed proof-of-concept (PoC), severity ratings, and mitigation recommendations.
  • Collaborate with engineering teams to define and validate security requirements during design and development phases.
  • Support compliance with relevant automotive cybersecurity standards (ISO/SAE 21434, UNECE WP.29 R155).
  • Participate in security reviews, audits, and technical workshops with internal and external stakeholders.

Key Skills And Qualifications

  • Strong experience with penetration testing methodologies (OWASP, MITRE Telecommunication&CK, PTES).
  • Proficiency in network protocols and analysis tools (Wireshark, Scapy, Burp Suite, CANoe).
  • Familiarity with automotive communication technologies including CAN, LIN, Ethernet, UDS, DoIP.
  • Knowledge of wireless protocols (Bluetooth, Wi-Fi, LTE) and associated security risks.
  • Understanding of FOTA architecture, security layers, and update mechanisms.
  • Experience with threat modeling, fuzz testing, and exploit development.
  • Familiarity with ISO 21434, UNECE WP.29, or similar regulatory standards.
  • Programming/scripting knowledge (Python, C/C++, Bash) is a plus.

Education

  • Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related field, or equivalent experience.
#J-18808-Ljbffr