This website uses cookies to ensure you get the best experience.

Spyrosoft and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics and marketing purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor

These cookies are used to make advertising messages more relevant to you. In some cases, they also deliver additional functions on the site.

Vendors Meta
Spyrosoft career site
Software Delivery · Multiple locations · Hybrid

Embedded Penetration Tester

Job description

Are you passionate about breaking things to make them better? We're on the lookout for a skilled Embedded Penetration Tester to join our dynamic team!

If you have hands-on experience in IoT, Medical Devices, or Automotive systems, we want to hear from you. You'll be jumping into an ongoing project, working alongside top-notch professionals to deliver cutting-edge, secure solutions for our clients.

Requirements (IoT, Medical):

  • In-depth knowledge of Automation, IoT and medical industry communication protocols.
  • Understanding of relevant automotive standards and specifications such us IEC62443.
  • Familiarity with the security mechanisms and vulnerabilities associated with various embedded systems.
  • Knowledge of secure boot processes and firmware update mechanisms.
  • Expertise in analysing and securing different type of networks.
  • Ability to assess the security of communication buses and identify potential attack vectors.
  • Ability to assess vulnerabilities in various types of interfaces, systems, and communication interfaces.
  • Proficiency in reverse engineering and analysing firmware running on various device types.
  • Capability to identify and exploit vulnerabilities within device firmware.
  • Familiarity with diagnostic and testing tools used in developing embedded solutions.
  • Ability to use tools for debugging, sniffing, and analyzing network traffic.
  • Understanding of security challenges associated with device-to-cloud communication.
  • Ability to assess the security of cloud-connected services and backend systems.
  • Proficiency in using penetration testing tools tailored for embedded systems.
  • Experience with tools specific to analyzing and exploiting security vulnerabilities.
  • Capability to perform risk assessments and threat modeling specific to Automation, IoT or medical environments.
  • Understanding of potential threats and their impact on device security.
  • Awareness of legal and compliance considerations in penetration testing.
  • Clear and concise communication skills to convey findings to both technical and non-technical stakeholders.
  • Ability to generate detailed penetration testing reports with actionable recommendations.

Requirements (Automotive)

  • In-depth knowledge of automotive communication protocols such as CAN (Controller Area Network), LIN (Local Interconnect Network), and FlexRay.
  • Familiarity with AUTOSAR
  • Understanding of relevant automotive standards and specifications such us ISO21434.
  • Familiarity with the security mechanisms and vulnerabilities associated with various ECUs in vehicles (vehicle control units, infotainment systems, advanced driver-assistance systems).
  • Knowledge of secure boot processes and firmware update mechanisms.
  • Expertise in analysing and securing in-vehicle networks.
  • Ability to assess the security of in-car communication buses and identify potential attack vectors.
  • Ability to assess vulnerabilities in multimedia interfaces, entertainment systems, and communication interfaces.
  • Proficiency in reverse engineering and analysing firmware running on automotive ECUs.
  • Capability to identify and exploit vulnerabilities within ECU firmware.
  • Familiarity with diagnostic and testing tools used in the automotive industry.
  • Ability to use tools for debugging, sniffing, and analysing in-vehicle network traffic.
  • Understanding of security challenges associated with vehicle-to-cloud communication.
  • Ability to assess the security of cloud-connected services and backend systems.
  • Proficiency in using penetration testing tools tailored for automotive embedded systems.
  • Experience with tools specific to analysing and exploiting automotive security vulnerabilities.
  • Capability to perform risk assessments and threat modelling specific to automotive environments.
  • Understanding of potential threats and their impact on vehicle security.
  • Awareness of legal and compliance considerations in automotive penetration testing.
  • Incident Response for Vehicles: Clear and concise communication skills to convey findings to both technical and non-technical stakeholders.
  • Ability to generate detailed penetration testing reports with actionable recommendations.

Responsibilities

  • Maintaining awareness of legal and compliance considerations in penetration testing activities.
  • Ensuring adherence to relevant regulations and ethical guidelines
  • Performing risk assessments and threat modeling specific to automation, IoT, automotive or medical environments.
  • Proficiently analyzing and securing firmware running on various device types.
  • Identifying and exploiting vulnerabilities within device firmware to enhance overall security.
Department
Software Delivery
Role
Software Engineer
Locations
Multiple locations
Remote status
Hybrid
Hourly salary
PLN150 - PLN200
Employment type
Contract
Skills
Embedded
Experience
Regular, Senior, Lead
Area
Embedded

About Spyrosoft

Spyrosoft is an authentic, cutting-edge software engineering company, established in 2016. In 2021 and 2022, we were among the fastest growing technology companies in Europe, according to the Financial Times. We were founded by a group of tech experts with established backgrounds in software engineering, who created an ‘engineer-to-engineer’ workplace, powered by enthusiasm, fairness and authentic relationships. Having a unique offering, which bridge the gap between technology and business, we specialise in technology solutions for industry 4.0, automotive, geospatial, healthcare & life sciences, employee experience & education and financial services industries.

Founded in 2016
Co-workers 1800+
Turnover 104M
Software Delivery · Multiple locations · Hybrid

Embedded Penetration Tester

Loading application form