Senior Embedded Security Consultant - US
IOActive, Inc. · Seattle, WA · 10 mo ago
On-siteInformation TechnologyFull-time
About the role
This is a hybrid position with time split between the security lab and Remote. Candidates located in the greater Seattle area will be given priority consideration.
Who you are
- Ability to connect and use JTAG/Onchip Debuggers
- Soldering skills to remove flash chips and solder on test leads
- Reverse Engineering, specifically Firmware
- Knowledge of ARM and other embedded microprocessors
- Knowledge of Linux and other embedded OSs
- Proficient in at least one mainstream programming language (Java, Rust, .NET, C or C++)
- Hardware/embedded system hacking
- Development experience in software on embedded products
- Reverse engineering and source code review experience
- Vulnerability assessment and penetration testing experience
- Knowledge of security-related topics, such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage, etc.
- Knowledge of cryptography is desirable
- Ability to work independently under deadline
- Rigorous attention to detail and strong analytic skills
- Excellent command of written and spoken English
- Comfortable working as part of a multi-national and multi-disciplinary team
- Logical and structured approach to projects
- Five years or more of relevant work experience in high-paced, enterprise environment
What you’ll do
- Undertake advanced level security evaluation tasks and duties in order to meet customer requirements and project deadlines
- Investigate possible logical attack scenarios by interpreting the code review findings, orienting the attack paths, and analyzing the test results
- Create sophisticated, state-of-the-art attacks that integrate the latest attack methods against embedded products
- Create tools to assist in project goals
- Communicate complex vulnerabilities to both technical and non-technical client staff
- Perform research on new attack vectors, discover new vulnerabilities, create new exploitation techniques
- Evangelize IOActive Labs through blogs, white papers, presentations, etc.
- Support business development efforts through the scoping of engagements
What you bring
- Knowledge of security-related topics, such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage, etc.
- Knowledge of cryptography is desirable
- Ability to work independently under deadline
- Rigorous attention to detail and strong analytic skills
- Excellent command of written and spoken English
- Comfortable working as part of a multi-national and multi-disciplinary team
- Logical and structured approach to projects
- Five years or more of relevant work experience in high-paced, enterprise consulting environment
Salary Range & Benefits
- The salary range for this position is $90-175k annually
- USA benefits package includes PTO, Holiday, Medical, Dental, Vision, 401(k) match, Long and Short Term Disability, Life Insurance, and Employee Assistance Program (EAP), and Business Travel Insurance
What We Offer
- A chance to work with an industry leader in cyber security
- Access to world-class technical teams and research
- A high-energy, collaborative team that values innovation
- Flexibility—work remotely or from the office as needed
- Opportunities for travel
- Competitive compensation and performance-based incentives
Why IOActive
- We have over 25 years of experience that’s established and stable; yet high-growth with the energy, passion and dynamic work environment of a startup.
- We are renowned for our innovation and thought leadership within our high-profile, cutting edge space.
- We're one of "the good guys" doing crazy cool stuff to thwart bad guys in a critically important business, social and political arena.
- Our work is great fun with great importance.
- Above all else, we value our people and our customers. Relationships matter.
IOActive is an equal opportunity employer
We make hiring decisions based solely on qualifications, merit, and business needs at the time.
Service Delivery
Seattle, WA