Security Engineer · Bengaluru

• Perform hardware and firmware security testing, including Hardware VAPT, TARA analysis, and penetration testing for embedded and IoT products

• Conduct reverse engineering of firmware, binaries, and hardware components to identify vulnerabilities and weaknesses

• Execute fuzzing tests (black-box, white-box, and grey-box) on device protocols, firmware, and communication interfaces

• Perform vulnerability assessments using tools such as Nessus, OpenVAS, Nmap, and Wireshark

• Develop and maintain test plans, test cases, and security checklists aligned with IEC 62443-4 and secure development lifecycle principles

• Document findings, prepare detailed test reports, and collaborate closely with development teams to validate and resolve vulnerabilities

• Support test automation within CI/CD environments to streamline security testing workflows

The Successful Applicant

• Bachelor's degree in Engineering, Computer Science, Cyber Security, or a related technical field.

• Minimum of two years of experience in device or embedded security testing, preferably within the Industrial Automation or Automotive sectors

• Hands-on expertise in hardware penetration testing, firmware analysis, reverse engineering, and fuzzing methodologies

• Experience in Hardware and Thick Client pentesting methodologies

• Strong understanding of embedded systems, Linux environments, and communication protocols (industrial and automotive)

• Knowledge of Secure Development Lifecycle and familiarity with IEC 62443-4 or equivalent standards

• Proficiency with tools such as Nessus, OpenVAS, Nmap, Wireshark, Burp Suite, Ghidra, IDA Pro, and other security testing utilities

• Programming experience in C/C++, Python, or Shell scripting, with exposure to CI/CD tools and automation frameworks

• Excellent written and spoken English communication skills

• Proficient in using security testing tools and frameworks for embedded systems, firmware, and network protocols

• Analytical, detail-oriented, collaborative, and proactive in identifying and addressing vulnerabilities

• OSCP, CRTP, CRTO, eWPTX, CPENT, LPT, PNPT, or equivalent industry-recognized credentials

What's on Offer

• Competitive salary

• Opportunities to work with a large organization in the INDUSTRIAL AUTOMATION industry.

• Engaging work environment in Bangalore.

• Professional growth and learning opportunities within the industrial/manufacturing sector.