Back to feed

Hardware Security and Vulnerability Analyst - Remote

Remote Full-time Live

EOE Statement We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law. Description Hardware Security and Vulnerability Analyst - Remote

  • EndoSec LLC,
  • Remote
  • Preferred Skills: C/C++, Python, assembly, IDA Pro, Ghidra, FPGA, cryptography, hardware, embedded software, hardware security, reverse engineering, side channel attacks, fault injection
  • Travel required up to 20%.

Full Time Must be able to apply for and maintain a U.S. Government Security Clearance

Job Description

The EndoSec Hardware Security and Vulnerability Analyst is responsible for extracting and analyzing firmware and data at rest, identifying vulnerabilities in software, firmware, and hardware, as well as developing proof of concept exploits. The candidate will collaborate with other engineers and security experts to find and exploit security flaws and vulnerabilities within devices and designs as well as to build secure and efficient systems, contributing to our products and services' ongoing security and privacy. This is a remote position.

Key Responsibilities

  • System Analysis: Analyze systems to understand functionality, failure points, and consequences of failure.
  • Security Measure Circumvention: Bypass implemented security measures to gain access to sensitive data, including enabling debugging, forging or bypassing signatures, gaining elevated privileges, and simulating environmental and working conditions.
  • Binary Code Extraction and Analysis: Extract firmware, executables, and other sensitive data from embedded systems and analyze the extracted code for possible vulnerabilities and sensitive data, e.g. passwords, cryptographic keys, etc.
  • Side-Channel Analysis and Fault Injection: Setup and perform side-channel analysis to recover sensitive data, e.g. cryptographic keys, sensitive plaintext, etc. Setup and perform fault injection attacks to bypass security measures and/or recover sensitive data.
  • Exploit Development: Develop custom and novel exploits to bypass security measures, recover sensitive data, or gain elevated privileges in embedded systems.
  • Documentation: Prepare detailed documentation, including physical setups, testing procedures, and user guides, for reproducibility of found results and maintenance.
  • Continuous Learning: Stay current with the latest advancements in reverse engineering and hardware security to continually refine and enhance skills.

Position Requirements Position Requirements

  • Ability to obtain and maintain a US government security clearance.
  • Bachelor's degree in Electrical Engineering, Computer Engineering, or a related field.
  • Experience reverse engineering embedded systems including using standard tools such as IDA Pro, Ghidra, etc.
  • Experience working with FPGAs, hardware description languages (VHDL, Verilog), microcontrollers, SoCs, and related hardware (Flash, SRAM, DRAM, etc.).
  • Strong programming skills in scripting languages (Python, JavaScript, bash) and C/C++ for hardware/software integration.
  • Experience standard interfaces (AXI, SPI, UART, JTAG).
  • Strong analytical and problem-solving skills, with the ability to understand complex software and hardware designs.
  • Strong documentation skills and the ability to convey complex information clearly and effectively.
  • Collaborative mindset and excellent communication skills to work effectively with cross-functional teams.
  • Experience in hardware security and reverse engineering techniques.

Preferred Qualifications

  • Advanced degree (M.S. or Ph.D.) in Electrical Engineering, Computer Engineering, or a related field.
  • Knowledge of cryptographic algorithms and experience implementing mathematical algorithms in hardware or software.
  • Experience in tamper detection and anti-reverse engineering techniques.

Full-Time/Part-Time Full-Time This position is currently accepting applications. Apply tot his job Apply To this Job Apply tot his job Apply To this Job

Apply

On the same wavelength

[Remote] Threat & Vulnerability Analyst

Remote Full-time

Cybersecurity Vulnerability Analyst - Remote Opportunity with Skillifyx Technology and Workwarp ($28-$40/hour)

Remote Full-time

Senior Vulnerability Management Analyst

Remote Full-time

Staff Security Engineer - Vulnerability Management US Public Sector

Remote Full-time

Senior Wealth Advisor & Practice Lead - Wealth Management / Personal Strategy - Boston region

Remote Full-time

Sr. Staff Security Engineer – Vulnerability Management (HYBRID)

Remote Full-time

Walmart Remote Client Support File Reviewer – Apply Instantly

Remote Full-time

(USA) Manager, Digital Media - Paid Search

Remote Full-time

Executive Assistant - Merchandising (Entertainment, Toys and Seasonal)

Remote Full-time

[No Experience] Walgreens Data Entry Remote – Immediate Hiring

Remote Full-time

Data Entry Specialist (Part-Time, Evening)

Remote Full-time

Experienced Technical Support Engineer – Azure App Services and Cloud Solutions Specialist

Remote Full-time

Experienced Full Stack Customer Service Representative – Remote Work Opportunity with arenaflex

Remote Full-time

Freight Broker Sales Agent (Remote)

Remote Full-time

Team Lead, Payroll Operations | USA

Remote Full-time

Full-time Staff: Academic Advisor

Remote Full-time

[Work From Home] Need Math Learning Center Manager in Marietta

Remote Full-time

Senior Identity and Access Management (IAM) Security Architect - Designing Secure Multi-Cloud Architectures Remotely

Remote Full-time

Sr. Associate Manager | Analyst Relations

Remote Full-time

Experienced Stretching Specialist Wanted to Join Our Innovative Wellness Team in Hockessin, DE

Remote Full-time