Principal Security Consultant (Hardware/Embedded)

TL;DR

Principal Security Consultant (Hardware/Embedded): Conducting advanced security assessments and penetration testing on hardware and embedded systems with an accent on firmware analysis, reverse engineering, and vulnerability research. Focus on identifying critical security flaws in IoT, automotive, and industrial control systems to provide actionable remediation strategies for enterprise clients.

Location: Must be based in the United States

Company

hirify.global is a leader in proactive security and Penetration Testing as a Service (PTaaS), combining expert security professionals with AI-driven automation to secure Fortune 500 companies and major financial institutions.

What you will do

• Perform comprehensive hardware and firmware penetration tests on IoT, automotive, and industrial control systems.
• Lead threat modeling exercises and develop custom testing methodologies for complex hardware platforms.
• Identify, analyze, and document security vulnerabilities and exploits in hardware and firmware.
• Collaborate with clients to design effective remediation strategies and improve their overall security posture.
• Mentor junior team members and contribute to the development of internal testing standards and tools.
• Research and develop innovative techniques for hardware security testing and contribute to the security community.

Requirements

• Must be based in the United States
• Extensive experience in hardware/embedded systems design, development, or security consulting (4-10+ years depending on background).
• Hands-on experience with hardware penetration testing techniques including soldering, probing, and hardware debugging.
• Strong understanding of embedded architectures, communication protocols (SPI, I2C, UART), and reverse engineering.
• Proficiency in Linux, Unix, QNX, or Windows operating systems.
• Excellent communication skills with the ability to explain complex technical findings to non-technical stakeholders.

Nice to have

• Programming experience in C or C++.
• Experience with automotive security (CAN bus) or medical device testing.
• Knowledge of cryptographic algorithms and secure software development practices.
• Relevant certifications such as GXPN, GPEN, OSCP, or CISSP.
• Experience participating in or organizing Capture-The-Flag (CTF) competitions.

Culture & Benefits

• Opportunity to work with a world-class team using top-tier custom security tools.
• Engagement with critical infrastructure and high-impact security projects.
• Commitment to professional growth through mentorship and internal knowledge sharing.
• Support for community contributions including white papers, blogs, and tool development.
• Collaborative and innovative workplace culture focused on proactive security disruption.