Hardware Penetration Tester

San Francisco, California, United States

Applications have closed

Control Risks

Control Risks is the specialist global risk consultancy that helps organisations succeed in a volatile world. Find out more.

View company page

The Hardware Penetration Tester will support our Client's Anti-Fraud/Piracy program in a lab setting and will conduct high-level penetration tests on a variety of hardware components.

  • Conduct security reviews for hardware including components, servers, and consumer devices
  • Penetration testing & vulnerability research across hardware, software, network, and protocol stacks.
  • Prepare clear and concise technical reports
  • Collaborate with internal Red Teams to implement novel attacks and exploits
  • Producing threat source resources, reviews and assessments aligned to risk, vulnerability and control assessments aligned to the protection of employees, products, facilities and customers globally.

Requirements

  • 2+ years experience in penetration testing
  • Experience conducting penetration tests on a variety of hardware and components
  • Knowledge of essential networking concepts (TCP, UDP, IP, HTTP(s), DNS, routing, sockets, etc.) as well as associated vulnerabilities
  • Knowledge of a variety of operating systems, including Android, Linux, and Windows
  • Understanding of various threat types and functionalities as well as practical usage (trojans, rootkits, shells, etc.)
  • Knowledge of hardware and embedded system security
  • Threat modeling across multiple attack surfaces, and risk assessment or test planning based upon the results.
  • Familiarity with generating and expanding existing framework resources for hardware device security assessments.
  • A current understanding of evolving software and hardware exploitation techniques
  • Ability to break down novel exploits and techniques and describe them in terms of risk to non-technical audiences
  • Ability to use a wide range of hardware test and analysis equipment
  • Experience reverse engineering hardware using JTAG or UART
  • Benefits

    • Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
    • We operate a discretionary bonus scheme that incentivizes, and rewards individuals based on company and individual performance
    • Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.

    * Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

    Tags: Android DNS Exploits Linux Pentesting Reverse engineering Risk assessment Security assessment Vulnerabilities Windows

    Perks/benefits: Flex hours Salary bonus

    Region: North America
    Country: United States
    Job stats:  12  0  0
    Category: PenTesting Jobs

    More jobs like this

    Explore more InfoSec / Cybersecurity career opportunities

    Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.