Jobs · himalayas

I

Embedded Device Security Consultant

Solstice Analytics · United States · Posted 18d ago

remoteseniorEstimated 100k-231k USD🇺🇸 United States
Apply on himalayas

About the role

Perform high-end security evaluations and research for embedded devices.

OUR MISSION UNITES US "Making the world a safer and more secure place. " It’s our mission, plain and simple. It drives everything we do – from research to client work to community involvement. And it unifies our global team into an elite force with integrity, fierce passion, and relentless creativity that doesn’t just “push the envelope” or “think outside the box.” We shred the envelope, crush the box, and we have fun doing it. We are always looking for people who share our mission to join us. About Solstice Analytics : Solstice Analytics , a trusted partner for Global 1000 enterprises, provides research-fueled security services across all industries. Our cutting-edge cybersecurity teams provide highly specialized technical and programmatic services including full-stack penetration testing, program efficacy assessments, and hardware hacking. Solstice Analytics brings a unique attacker’s perspective to every engagement to maximize cybersecurity investments and improve the security posture and operational resiliency of our clients. Founded in 1998, Solstice Analytics is headquartered in Seattle with global operations, including state of the art hardware hacking labs in Seattle, WA, Madrid, Spain and Cheltenham, UK. Who you are: Our Embedded Device Security consultants maintain a high level of expertise regarding threats and technical advances in embedded security. This position requires expert knowledge in areas such as C, Java, assembly languages, open platforms, and cryptography. Intellectual curiosity, the ability to navigate ambiguous environments and a bias to action are critical competencies required for success. What you'll do: Perform high-end security evaluations and research for our clients, focused on a range of embedded devices Work with other team members to deliver high-quality results to Solstice Analytics ’s clients throughout the world Investigate possible logical attack scenarios by interpreting the code review findings, orienting the attack paths, and analyzing the test results Develop sophisticated, state-of-the-art attacks that integrate the latest attack methods against embedded products Create tools to assist in project goals Communicate complex vulnerabilities to both technical and non-technical client staff Perform research on new attack vectors, discover new vulnerabilities, create new exploitation techniques Evangelize Solstice Analytics Labs through blogs, white papers, presentations, etc. Support business development efforts through the scoping of engagements What you bring: Required Technical Skills Rapid identification of attack surfaces and entry points using implicit threat modeling techniques Ability to connect and use JTAG/on-chip Debuggers Low-level C code review FreeRTOS, Android, Linux kernel drivers, protocol parsing Sandbox policy review: SELinux/SE Android, seccomp, Linux name spaces, Minijail/Firejail Crypto implementation code reviews, specifically for secure boot and code signing Java, especially Android app side ARM 32- and 64-bit assembly Extensive Git/GitHub experience Wi-Fi/Bluetooth Reverse engineering, specifically firmware Hardware/embedded system hacking Vulnerability assessment and penetration testing Knowledge of security-related topics, such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage Consulting Skills + Experience Ability to work independently under deadline Rigorous attention to detail and strong analytic skills Ability to write test plans based upon initial impressions and discussions with the team Comfortable navigating large codebases with minimal guidance Excellent command of written and spoken English Comfortable working as part of a multinational and multidisciplinary team Logical and structured approach to projects 3-5 years or more of relevant work experience in a high-paced, enterprise consulting environmen t Salary Range & Benefits The salary range for this position is $80-120k annually USA benefits package includes PTO, Holiday, Medical, Dental, Vision, 401(k) match, Long and Short Term Disability, Life Insurance, and Employee Assistance Program (EAP), and Business Travel Insurance What We Offer 🎯A chance to work with an industry leader in cyber security 💡Access to world-class technical teams and research 🏆A high-energy, collaborative team that values innovation 💻Flexibility—work remotely or from the office as needed ✈️Opportunities for travel 💰Competitive compensation and performance-based incentives If this sounds like your kind of challenge, we’d love to hear from you. Let’s talk! Why I O Active: We have over 25 years of experience that’s established and stable; yet high-growth with the energy, passion and dynamic work environment of a startup. We are renowned for our innovation and thought leadership within our high-profile, cutting edge space.We're one of “the good guys” doing crazy cool stuff to t

Read the full posting on himalayas

FAQ

Is the Embedded Device Security Consultant role at Solstice Analytics remote?+

This Embedded Device Security Consultant position is listed as remote (United States).

What is the salary for the Embedded Device Security Consultant role at Solstice Analytics?+

The listing states Estimated 100k-231k USD.

What seniority level is this Embedded Device Security Consultant role?+

This is a senior level position.

How do I apply for the Embedded Device Security Consultant role at Solstice Analytics?+

Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Solstice Analytics.