Experience Inc. Jobs

Associate Cyber Security Test Engineer

Job Description

What is the job about?

Our Digital Development teams are highly cross-functional with our business colleagues and customers setting the direction.As a Cyber security Tester, you will be responsible for identifying and mitigating security vulnerabilities in embedded systems and firmware across a variety of devices, including IoT devices. You will work closely with cross-functional teams, including software engineers, hardware engineers, and security analysts, to ensure the security and resilience of our products against potential threats.

Your main responsibilities :

The Cyber security test engineer is, throughout the lifetime of a digital solution, accountable for:

• Perform security assessments and penetration testing on embedded systems and firmware to identify vulnerabilities and weaknesses.

• Develop and execute test plans, test cases, and scripts to uncover security flaws within embedded software.

• Conduct static and dynamic analysis of firmware and software binaries to identify potential vulnerabilities.

• Reverse engineer firmware and embedded systems to understand potential attack vectors and develop exploitation techniques.

• Collaborate with development teams to remediate identified vulnerabilities and provide guidance on secure coding practices.

• Develop and maintain security testing tools, scripts, and frameworks specifically tailored for embedded systems.

• Keep up-to-date with the latest security trends, vulnerabilities, attack vectors, and mitigation strategies specific to embedded systems.

• Prepare detailed technical reports, including proof-of-concept exploits, risk assessments, and recommendations for security improvements.

• Work with hardware interfaces, including JTAG, UART, SPI, and I2C, to extract firmware and assess security postures.

• Conduct security research on new embedded technologies, protocols, and platforms.

Your Background :

• Bachelor's degree in Computer Science, Electrical Engineering, Cybersecurity, or a related field. Equivalent experience will be considered.

• Proven experience in embedded software development, reverse engineering, or penetration testing.

• Strong knowledge of embedded systems architecture, operating systems, and firmware development.

• Proficiency in programming languages such as C, C++, Python, and assembly.

• Experience with tools such as Ghidra, IDA Pro, Binary Ninja, Burp Suite, and Wireshark.

• Knowledge of various embedded communication protocols (e.g., CAN, Modbus, Zigbee, Bluetooth, etc.).

• Familiarity with hardware hacking techniques, including chip-off attacks, glitching, and side-channel analysis.

• Strong understanding of security principles, cryptography, and secure coding practices.

• Experience with source code analysis and understanding of common software vulnerabilities (e.g., buffer overflows, format string vulnerabilities, etc.).

• Excellent analytical, problem-solving, and communication skills.

• Relevant certifications such as CEH, OSCP, OSCE, CISSP, or GIAC Embedded Systems Security (GICSP) are a plus.

Do you want to learn more?

This position is based InChennai. If this sounds appealing to you, please upload your CV/resume and cover letter today via our Careers portal.

If you want to dig deeper into the Grundfos universe, please visit us on LinkedIn or Youtube and to get to know some of your future colleagues and why they appreciate working at Grundfos, check out Meet our people

We look forward to hearing from you.

Information at a Glance

Job details

Application deadline:

Workplace: Hybrid (office and home-working)

Job Location: Chennai, Tamil Nādu, India

Contract Type: Full-Time

Employment Type: Regular