Spyro Soft
Tech stack:
Secure boot, firmware security, OTA updates
Cryptography (AES, RSA, ECC) & hardware security (TPM, HSM, TrustZone)
Embedded interfaces & protocols: CAN, LIN, Modbus, BLE, Wi-Fi, TCP/IP
Penetration testing on embedded targets: JTAG, UART, SPI, I²C
Cloud IoT platforms & secure communication: AWS/Azure/GCP IoT, TLS/DTLS, MQTT(S)
Secure code review (C/C++, Rust, Python) & DevSecOps / CI/CD security
Requirements:
Proven experience performing advanced penetration testing on embedded systems, IoT devices, and cloud-connected architectures
Strong background in identifying, exploiting, and documenting security weaknesses across a broad range of environments
Deep understanding of embedded security attack vectors: side-channel attacks, fault injection, firmware tampering, replay attacks, MITM
Experience with vulnerability scanning, fuzzing, exploit development, and hardware-level security assessment
Solid knowledge of secure communication protocols, cryptography, secure boot mechanisms, and secure firmware design
Ability to translate complex technical findings into clear, actionable recommendations for both technical and non-technical stakeholders
Familiarity with risk assessment frameworks such as ISO 21434, IEC 62443, ISO 27005
Understanding of data protection requirements (GDPR / HIPAA) in cloud-integrated IoT ecosystems
Experience with secure SDLC, DevSecOps, and CI/CD security practices
Strong analytical, problem-solving, and communication skills
Relevant certifications such as OSCP, GPEN, CompTIA PenTest+ (highly valued)
Main responsibilities: Senior Penetration Tester with a proven track record of successfully identifying and exploiting security weaknesses across a wide range of systems and environments. The ideal candidate will have deep expertise in advanced penetration testing methodologies, tools, and reporting, with strong analytical and problem-solving skills. Experience in embedded systems security is highly desirable and will be considered a significant advantage. This role requires excellent communication skills to translate technical findings into clear, actionable recommendations for stakeholders.
#J-18808-Ljbffr
Secure boot, firmware security, OTA updates
Cryptography (AES, RSA, ECC) & hardware security (TPM, HSM, TrustZone)
Embedded interfaces & protocols: CAN, LIN, Modbus, BLE, Wi-Fi, TCP/IP
Penetration testing on embedded targets: JTAG, UART, SPI, I²C
Cloud IoT platforms & secure communication: AWS/Azure/GCP IoT, TLS/DTLS, MQTT(S)
Secure code review (C/C++, Rust, Python) & DevSecOps / CI/CD security
Requirements:
Proven experience performing advanced penetration testing on embedded systems, IoT devices, and cloud-connected architectures
Strong background in identifying, exploiting, and documenting security weaknesses across a broad range of environments
Deep understanding of embedded security attack vectors: side-channel attacks, fault injection, firmware tampering, replay attacks, MITM
Experience with vulnerability scanning, fuzzing, exploit development, and hardware-level security assessment
Solid knowledge of secure communication protocols, cryptography, secure boot mechanisms, and secure firmware design
Ability to translate complex technical findings into clear, actionable recommendations for both technical and non-technical stakeholders
Familiarity with risk assessment frameworks such as ISO 21434, IEC 62443, ISO 27005
Understanding of data protection requirements (GDPR / HIPAA) in cloud-integrated IoT ecosystems
Experience with secure SDLC, DevSecOps, and CI/CD security practices
Strong analytical, problem-solving, and communication skills
Relevant certifications such as OSCP, GPEN, CompTIA PenTest+ (highly valued)
Main responsibilities: Senior Penetration Tester with a proven track record of successfully identifying and exploiting security weaknesses across a wide range of systems and environments. The ideal candidate will have deep expertise in advanced penetration testing methodologies, tools, and reporting, with strong analytical and problem-solving skills. Experience in embedded systems security is highly desirable and will be considered a significant advantage. This role requires excellent communication skills to translate technical findings into clear, actionable recommendations for stakeholders.
#J-18808-Ljbffr