Senior Offensive Security Engineer (IoT)

March 20

Apply Now

Get a free AI resume review

Praetorian

WebsiteLinkedInAll Job Openings

Your Security Experts, solving the toughest cybersecurity problems.

IoT Security • ICS Security • Cloud Security • Web Security • Mobile Security

51 - 200

💰 $10M Series A on 2020-02

Description

• Execute on IoT Security engagements as a trusted advisor and enabler to Praetorian’s client base. • Function in one or more cross-functional specialities in IoT Security: hardware or software reverse engineering, firmware analysis, embedded cryptography, wireless protocols, glitching/side-channel analysis, or IoT PaaS security. • Identify, report, and develop mitigation strategies for IoT Security threats in Praetorian’s client base. • Develop documentation for novel mitigation strategies to emerging or undocumented security risks identified in client environments. • Develop comprehensive reports and presentations for our customers. • Stay up-to-date on trending, latest, novel attack patterns through open source research, embedded security publications, and novel engagements with Praetorian customers. • Mentor junior engineers on IoT security controls, attack patterns, and mitigations. • Contribute to the development of the IoT Security practice through process improvements and automation. • Collaborate with the security community to develop novel attack techniques, tactics, and procedures (TTPs) through Praetorian’s Security Blog and other forms of community engagement.

Requirements

• At least two years in a security-specific IoT/embedded systems role (either defensive or offensive) • Ability to write clear, concise technical reports • Ability to brief management and technical staff at major corporations • Bachelor of science (BS) in computer science, engineering, cybersecurity, physics, or mathematics or equivalent experience • Ability to travel up to 15% to support client engagements +1 Qualifications: • Prior security consulting experience • Threat modeling and/or application penetration testing experience • Experience with automotive security, ICS/SCADA security, Network device security, Medical device security, Home automation security, and/or cryptocurrency wallet security • Experience in vulnerability research, PCB rework Use of oscilloscopes or logic analyzers, use of debuggers and programmers, and/or signal analysis • Experience in Hardware RE, software RE, firmware analysis, embedded cryptography, wireless protocols, Software-defined radio, glitching, side-channel analysis, and/or IoT PaaS and similar technologies • Military training in a relevant MOS or intermediate-level cybersecurity certification: GXPN, SANS 6xx, OSCP, OSWE, eCPTx, eWPTx, or equivalent. • Master of science (MS) in computer science, engineering, cybersecurity, physics, or mathematics or equivalent experience highly preferred

Benefits

• Highly competitive salary • Employee stock option plan • Annual budget for training, certifications, and conferences • Competitive medical plans • 4% company 401K match