Cybeats
Senior Security Researcher
Cybeats is looking for an experienced Security Researcher with offensive background red teamer, pentesting and malware research skills with familiarity of IoT/OT/ICS devices, strong understanding of embedded systems architecture, knowledge of ATT&CK framework, writing YARA rules and understanding responsible disclosure process.
Qualifications
Embedded Software Analysis and Pentesting 3 - 5 years
B.Sc/M.Sc in Computer Science / Electrical Engineering or equivalent experience
Responsibilities
Stay up-to-date with the latest software security vulnerabilities, protection mechanisms, and related compliance standards
Develop Python based scripts to automate day-to-day workflows and processes
Transform compliance regulations and standards into actionable tasks that can be easily integrated as product features
Perform POC for various types of vulnerabilities on test devices (Linux, Android, RTOS)
Develop multi-threaded and low-latency/low-footprint applications
Contribute to development of security controls and solutions for most recent vulnerabilities and attacks
Experience
3 years of experience in the field of cryptography and software security mechanisms
5 years of experience in developing agent code running on an embedded device
5 years of experience in C/C++ programming
5 years of experience in Linux or other Unix-like operating systems
Understanding of GIT and CI/CD practices and tools
Strong verbal and written communication skills
Advantages
Experience in Application Security, knowledge of common vulnerabilities and best practices such as OWASP Top 10, SANS 25, ASVS, ATT&K
Familiarity with some security and privacy compliance standards/regulations such as ISO/IEC 62443, NIST 800-53, CSA CCM, PCI-DSS, GDPR, and HIPAA
Experience developing embedded security products
Experience developing anti-tampering functionality/TPM modules
Experience in Linux user-space, kernel driver/module development
Understanding of REST API communication
Experience with cryptographic functions and hashing algorithms
Understanding of TLS/PKI based data communication concepts
Experience with the following operating system (Linux, Android, QNX, RTOS)
Knowledge in assembly language (ARM/x86/MIPS/PPC)
Understanding SAST/DAST tools and embedded debugging techniques
Experience with C CERT coding practices great advantage
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
Cybeats is an equal opportunity employer. We enthusiastically accept our responsibility to make employment decisions without regard to race, religious creed, color, age, sex, sexual orientation, national origin, ancestry, citizenship status, religion, marital status, disability, military service or veteran status, genetic information, medical condition including medical characteristics, or any other classification protected by applicable federal, state, and local laws and ordinances. Our management is dedicated to ensuring the fulfillment of this policy with respect to hiring, placement, promotion, transfer, demotion, layoff, termination, recruitment advertising, pay, and other forms of compensation, training, and general treatment during employment.
We will only review applications submitted though the form on our Careers page.