Intern Program Offensive Cyber Security
Eindhoven, Netherlands
NavInfo Europe BV
We harness the power of data and AI to become the digital brain of smart mobility to transform city living & quality of life. Dive into the future with us today.As an intern with the NavInfo Europe Cybersecurity team, you will research and write your master thesis on innovations in cybersecurity technologies for Connected cars, IoT, Artificial Intelligence solutions.
You will have the freedom and support of NavInfo Europe to develop your research in one of the fastest-growing business areas of the world. We will give you the opportunity to gain knowledge and skills on a wide range of the most innovative cybersecurity tools, technologies, and methodologies.
You are free to write your own research proposal or choose one of the following suggested Internship projects to research for our Security assessment of modern electrical cars:
- Automated Man-in-the-middle attacks for 2G/3G/4G/5G mobile networks with SDR solutions.
- Penetration testing and reverse engineering of Connected cars and IoT devices.
- Applying side-channel attack and fault injection for automotive ECU's
1. Automated Man-in-the-middle attacks for 2G/3G/4G/5G mobile networks with SDR solutions.
Duration: estimated 60 ECTS
Mobile communications are used by more than two-thirds of the world population, who expect security and privacy guarantees. Even though privacy was a requirement, numerous man-in-the-middle attacks, and network traffic interception techniques were demonstrated at the biggest cybersecurity conferences.
In this research, we will automate mobile traffic interception for different mobile network standards and discover new vulnerabilities in communications protocols. Finally, we will conduct a security analysis of the vulnerability and propose countermeasures to remedy our attacks.
2. Penetration testing and reverse engineering of Connected cars and IoT devices.
Duration: estimated 60 ECTS
Connected cars are likely the most complex connected devices we see. The attack surface is immense – the Internet, mobile, Bluetooth, custom RF protocols, DAB, media files imported over USB, remote diagnostics, telematics, mobile apps… As an intern, you will get hands-on experience with penetration testing and software, hardware reverse engineering of modern electric cars and IoT devices:
- Software fuzzing
- Exploit development
- Key fob communication security analyses
- NFC communication security analyses
- CAN bus communication security analyses
- Reverse engineering firmware
- Reverse engineering mobile application
3. Applying side-channel attack and fault injection for automotive ECU's
Duration: estimated 60 ECTS
Modern cars have many different ECUs (Electronic Control Unit). They communicate with each other via CAN (Controller Area Network) bus. ECUs support diagnostic protocol UDS (Unified Diagnostic Services). UDS protocol has rich functionalities: upgrade firmware ECU, tunning and configuration parameters, and activation debugging functionality. Usually, all these functionalities are available after UDS authentication.
In the scope of this research, you will apply side-channel attack and fault injection for automotive ECUs to bypass different types of UDS authentication.
Requirements
Education:
- Background in relevant domain (e.g., Cybersecurity, Radio Physics or Electronics, or related field)
- Finishing bachelor or Master at university (WO) or Applied Sciences university (HBO) in the Netherlands, Belgium, Germany.
Technical skills:
- Ability to read, interpret and analyze researches
- Writing and presenting. Knowledge about information security (focus on people/ process).
- Able to communicate complexity (verbal and written)
- Programming skills in Python is required.
- Participation in Capture The Flag (CTF) competition is a big plus.
- Knowledge of SCA is a big plus.
Soft skills:
Ability to work well in an international team environment
Interested?
Does this profile describe you and are you interested in this internship program? Please apply!
You can expect a challenging paid internship with professional guidance. For more information, contact the HR department via hrm@navinfo.eu
Tags: Artificial Intelligence CTF Exploit Pentesting Physics Privacy Python Reverse engineering Security analysis Security assessment Vulnerabilities
Perks/benefits: Conferences
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Security Operations Engineer jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs