
Ethical Hacker – Hardware
Posted 1 hour ago

Posted 1 hour ago
This is a fully remote position, open to applicants in Texas.
• Develop and implement comprehensive hardware penetration tests on embedded and IoT devices, adhering to a specified scope and rules of engagement.
• Discover, access, and exploit on-board debugging interfaces such as JTAG, SWD, UART, and others to achieve code execution or memory access.
• Retrieve firmware through debug ports, in-circuit flash reads (SPI / I2C / NAND), or chip-off methods when necessary, and assess it for vulnerabilities.
• Capture and examine data on standard embedded buses (SPI, I2C, UART, CAN, USB) utilizing logic analyzers and protocol decoders.
• When applicable, conduct side-channel analysis and fault injection (power analysis, voltage/clock glitching) to circumvent secure boot, readout protection, or authentication processes.
• Reverse engineer firmware and embedded binaries (using tools like Ghidra, IDA, Binwalk, etc.) to uncover logic flaws, hardcoded secrets, and exploitable conditions.
• Evaluate the physical attack surface, assess tamper resistance, and analyze key/secret storage mechanisms.
• Differentiate between theoretical risks and those relevant to operational scenarios to ensure actionable findings.
• Produce high-quality technical reports and deliver presentations of findings to client stakeholders, both technical and non-technical.
• Provide practical, prioritized remediation advice that clients can implement.
• Foster client confidence through credibility, effective communication, and demonstrable impact.
• Develop and maintain lab tools, testing rigs, and internal methodologies.
• Participate in research, responsible disclosure, and internal knowledge-sharing initiatives.
• Remain updated on hardware attack methodologies, embedded architectures, and defensive measures.
• A degree in Information Security, Computer Science, or Computer/Electrical Engineering (or equivalent practical experience).
• Strong understanding of electronics fundamentals, with the ability to interpret schematics and datasheets to analyze a circuit board.
• Proficient in hands-on soldering, including surface-mount (SMD) rework and basic chip removal techniques.
• Proven experience in accessing debug interfaces (JTAG, SWD, UART) and extracting firmware from actual devices.
• Familiarity with essential bench instruments: logic analyzer, oscilloscope, and multimeter.
• Skills in firmware reverse-engineering and proficiency in scripting with Python, alongside sufficient C knowledge to interpret embedded code.
• Knowledge of common embedded architectures (ARM/Cortex-M, MIPS, AVR, RISC-V) and concepts pertaining to RTOS/bare-metal systems.
• Excellent written and verbal communication skills.
• Preferred qualifications (one or more would be beneficial): Experience in side-channel/fault-injection (e.g., ChipWhisperer), RF and wireless technologies: SDR, BLE, sub-GHz, Wi-Fi, understanding of secure boot chains, TEEs, secure elements, and HSMs, familiarity with PCB design (KiCad / Altium) for grasping target boards, published CVEs, conference presentations, CTF placements, or contributions to open-source tools, relevant certifications (e.g., OSCP for breadth, or hardware-centric training).
• GRRSP with corporate matching in Canada.
• Access to corporate benefit plans within Canada.
• A flexible work environment that empowers employees to perform at their best.
• Immediate and ongoing offensive security training, mentorship, and professional development opportunities to enhance your technical skills.
DATAGROUP
CrowdStrike
GitLab
CrowdStrike
Get handpicked remote jobs straight to your inbox weekly.