Assignment Description
We are seeking an automotive cybersecurity penetration tester to support advanced security assessments. The assignment covers identifying and exploiting weaknesses across both hardware and software layers, including USB, Bluetooth, Wi-Fi, and cellular interfaces. You will examine data paths between infotainment platforms and internal vehicle networks (CAN, LIN, FlexRay, DoIP), perform firmware reverse engineering, evaluate Android-based in-car applications, and execute fuzzing campaigns targeting components such as Bluetooth stacks, Wi-Fi drivers, and USB parsers. The work includes producing detailed technical documentation and collaborating with engineering teams to enable effective remediation.
Required Qualifications:
- Proven use of UART, JTAG, and SPI interfaces for firmware access and extraction
- Practical background in security testing of Bluetooth/BLE and Wi-Fi
- Solid experience working with CAN bus, UDS (Unified Diagnostic Services), and Automotive Ethernet
- Advanced working knowledge of Embedded Linux, Android Automotive OS (AAOS), or QNX
It is considered meritorious if you have over five years of experience in cybersecurity, including at least two years within automotive or IoT environments, hands-on experience using fuzzing tools such as Peach Fuzzer or AFL for embedded targets, and knowledge of secure boot, trusted execution environments (TEE), and cryptographic implementations.
