Your Role
This role involves conducting and facilitating penetration testing at the vehicle, component, and functional levels.
The candidate will simulate real-world attack scenarios targeting embedded systems, automotive interfaces, wireless protocols, and connected services
- Contribute to the development and continuous improvement of Cybersecurity Verification & Validation (V&V) activities.
- Define, tailor, and execute/facilitate grey-box and black-box penetration testing at ECU, functional, and vehicle levels.
- Conduct fuzz testing on automotive interfaces and services to uncover unknown vulnerabilities.
- Demonstrate compliance with automotive cybersecurity standards and regulations such as ISO/SAE 21434, UNECE R155, AIS 189, and GB 44495.
- Perform penetration testing in both lab and on-site environments, with flexibility for travel.
Your Profile
- Connected Systems (Web/Mobile app, Server, APIs, Cloud etc.)
- Vehicle and ECU security features (e.G., secure communication, secure OTA, secure boot, secure diagnostics, firewall, IDS, logging etc.)
- Fuzz testing tools and techniques for automotive systems
- Proficiency in reverse engineering firmware using tools like Ghidra or IDA Pro.
- Experience with restbus simulation, flashing toolchains, and diagnostic tools (e.G., CANoe, vFlash, CANoe.DiVA).
- Experience conducting manual security code reviews for embedded and connected system software.