Staff Security Engineer (IoT)

Staff Security Engineer.
 
Location: #Tysons.
Salary: Competitive.
Employer: Alarm.com.
 
Responsibilities:
•  Perform IoT penetration testing, including firmware extraction, reverse engineering, and vulnerability discovery.
•  Perform security research, analysis, and testing via threat modeling, vulnerability assessment, penetration testing, and/or social engineering across a wide variety of applications, platforms and systems.
•  Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and application.
•  Oversee and manage the deployment, integration, and configuration of security solutions and enhancements to existing IoT infrastructure and the enterprise’s security documents.
•  Select and acquire additional security solutions or enhancements to existing security solutions to improve overall IoT enterprise security.
•  Clearly outline and document risk impacts of test findings in reports.
•  Test, triage, and drive remediation of security issues reported by external parties.
•  Actively partner with infrastructure, application, product, and other stakeholders to ensure deployed solutions minimize security and privacy risks.
•  Other duties as assigned.
 
Requirements:
•  B.A. or B.S. (or higher) in Computer Science, Electrical Engineering, or a related engineering program with strong academic performance preferred.
•  10+ years of information security experience, with a strong focus on offensive security, penetration testing, or vulnerability research.
•  Prior experience performing security testing and assessment in IoT, embedded, or firmware based environments.
•  Working knowledge of embedded system design and constraints (development experience a plus, but not required).
•  Familiarity with using hardware debugging equipment such as oscilloscopes, logic analyzer and other tools.
•  Familiarity with interface protocols such as UART, I2C, SPI, JTAG, and related tooling.
•  Experience analyzing embedded Linux systems and firmware images.
•  Familiarity with ARM CPU architectures with exposure to x86, RISC-V, or others as a plus.
•  Experience with reverse-engineering tools such as IDA Pro, Ghidra, and/or Binary Ninja.
•  Certification in one or more Information Security disciplines is preferred or ability to obtain certifications.
•  Self-starter, analytical, tenacious problem solver.
•  Strong verbal and written communication skills for a highly collaborative environment.
•  Rigorous attention to detail and focus on quality of deliverables.
•  Proven team experience and comfort in a team-oriented environment.
•  Passion for working with technology and excitement for creating high quality consumer technology product.
 
⚡ Показать контакты
 
#Офис #ИБ