Senior Embedded Security Consultant - Cheltenham

Senior Embedded Security Consultant - CheltenhamJoin to apply for the Senior Embedded Security Consultant - Cheltenham role at IOActive, Inc.Senior Embedded Security Consultant - Cheltenham2 days ago Be among the first 25 applicantsJoin to apply for the Senior Embedded Security Consultant - Cheltenham role at IOActive, Inc.OUR MISSION UNITES US
\"Making the world a safer and more secure place.\"
It's our mission, plain and simple. It drives everything we do - from research to client work to community involvement. And it unifies our global team into an elite force with integrity, fierce passion, and relentless creativity that doesn't just "push the envelope" or "think outside the box." We shred the envelope, crush the box, and we have fun doing it. We are always looking for people who share our mission to join us.
This is not a Remote position. This position is expected to report for work at our security lab in Cheltenham, United Kingdom.
About IOActive
IOActive, a trusted partner for Global 1000 enterprises, provides research-fueled security services across all industries. Our cutting-edge cybersecurity teams provide highly specialized technical and programmatic services including full-stack penetration testing, program efficacy assessments, and hardware hacking. IOActive brings a unique attacker's perspective to every engagement to maximize cybersecurity investments and improve the security posture and operational resiliency of our clients. Founded in 1998, IOActive is headquartered in Seattle with global operations, including state of the art hardware hacking labs in Seattle, WA, Madrid, Spain and Cheltenham, UK.
Who You Are
Embedded Device Security Consultants are responsible for performing high-end security evaluations and research for our clients, focused on a range of embedded devices. In this role, you will work with other team members to deliver high-quality results to IOActive's clients throughout the world.
Our consultants maintain a high level of expertise regarding known threats and technical advances in embedded security. This position requires expert knowledge in areas such as C, Java, assembly languages, open platforms, and cryptography.
The Embedded Device Security Consultant will undertake advanced level security evaluation tasks and duties in order to meet customer requirements and project deadlines.
What You'll Do
Investigate possible logical attack scenarios by interpreting the code review findings, orienting the attack paths, and analyzing the test resultsDevelop sophisticated, state-of-the-art attacks that integrate the latest attack methods against embedded productsCreate tools to assist in project goalsCommunicate complex vulnerabilities to both technical and non-technical client staffPerform research on new attack vectors, discover new vulnerabilities, create new exploitation techniquesEvangelize IOActive Labs through blogs, white papers, presentations, etc.Support business development efforts through the scoping of engagements
What You Bring
Required Technical Skills
Rapid identification of attack surfaces and entry points using implicit threat modeling techniquesAbility to connect and use JTAG/on-chip DebuggersLow-level C code reviewFreeRTOS, Android, Linux kernel drivers, protocol parsingSandbox policy review: SELinux/SE Android, seccomp, Linux name spaces, Minijail/FirejailCrypto implementation code reviews, specifically for secure boot and code signingJava, especially Android app sideARM 32- and 64-bit assemblyExtensive Git/GitHub experienceWi-Fi/BluetoothReverse engineering, specifically firmwareHardware/embedded system hackingVulnerability assessment and penetration testingKnowledge of security-related topics, such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage
Consulting Skills + Experience
Ability to work independently under deadlineRigorous attention to detail and strong analytic skillsAbility to write test plans based upon initial impressions and discussions with the teamComfortable navigating large codebases with minimal guidanceExcellent command of written and spoken EnglishComfortable working as part of a multinational and multidisciplinary teamLogical and structured approach to projects3-5 years or more of relevant work experience in a high-paced, enterprise consulting environment
What We Offer
A chance to work with an industry leader in cyber security
Access to world-class technical teams and research
A high-energy, collaborative team that values innovation
️ Opportunities for travel
Competitive compensation and performance-based incentives
If this sounds like your kind of challenge, we'd love to hear from you. Let's talk!
Why IOActive
We have over 25 years of experience that's established and stable; yet high-growth with the energy, passion and dynamic work environment of a startup. We are renowned for our innovation and thought leadership within our high-profile, cutting edge space. We're one of "the good guys" doing crazy cool stuff to thwart bad guys in a critically important business, social and political arena. Our work is great fun with great importance. Above all else, we value our people and our customers. Relationships matter.
IOActive is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.
This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. IOActive makes hiring decisions based solely on qualifications, merit, and business needs at the time.Seniority levelSeniority levelMid-Senior levelEmployment typeEmployment typeFull-timeJob functionJob functionInformation TechnologyIndustriesComputer and Network SecurityReferrals increase your chances of interviewing at IOActive, Inc. by 2xGet notified about new Senior Security Consultant jobs in Bishop's Cleeve, England, United Kingdom.Gloucester, England, United Kingdom 1 week agoCyber Security & Information Assurance ConsultantsGreat Malvern, England, United Kingdom 1 week agoGloucester, England, United Kingdom 2 days agoKnightsbridge, England, United Kingdom 1 week agoEmbedded Device Security Consultant - CheltenhamBishop's Cleeve, England, United Kingdom