IoT / ICS / OT Penetration Tester

USA, CanadaFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page

Job Details

Experience
5+ years
Required Skills
PythonBashC++

Requirements

  • Bachelor's degree in Computer Science, Electrical Engineering, or related field.
  • 5+ years of hands-on experience in IoT, embedded, ICS/OT, or automotive security.
  • Proficiency with hardware-level security (JTAG/SWD, UART, SPI, PCB soldering/rework).
  • Experience with firmware reverse engineering tools such as Ghidra or Binary Ninja.
  • Ability to analyze ARM, MIPS, PPC, x86, and x64 architectures.
  • Knowledge of IoT/automotive wireless protocols (BLE, Zigbee, Z-Wave, CAN, cellular).
  • Competency in C/C++ source code review for security weaknesses.
  • Familiarity with SBOM formats (CycloneDX, SPDX) and vulnerability management.
  • Knowledge of relevant industry standards (EU CRA, CE RED, ISO 21434, US IoT Cyber Trust Mark).
  • Experience with Python and Bash for scripting and automation.
  • Familiarity with AI-assisted security tooling and LLM-based workflows.

Responsibilities

  • Plan and execute penetration tests and security assessments against IoT, ICS/OT, and automotive targets.
  • Perform hardware interaction and firmware extraction including JTAG, SWD, UART, SPI, and I2C.
  • Conduct firmware reverse engineering using Ghidra and Binary Ninja to identify security vulnerabilities.
  • Assess wireless protocols including Bluetooth, Zigbee, Z-Wave, Wi-Fi, Cellular, and CAN bus.
  • Review C and C++ source code to identify memory safety and authentication issues.
  • Analyze supply chain and SBOM data for vulnerabilities and license risks.
  • Evaluate products for compliance with standards like EU CRA, CE RED, and UNECE WP.29.
  • Produce high-quality technical reports with risk ratings and remediation guidance.
  • Collaborate with internal teams to improve platform detection capabilities.
View Full Description & ApplyYou'll be redirected to the employer's site
View details
Apply Now