YOUR RESPONSIBILITIES Leading a dedicated Red Team performing the following tasks:
Penetration tests on chargers, embedded controllers, vehicles and backend infrastructures using a variety of techniques such as brute force, code injection, malformed data, fuzzing, hardware hacking Perform open ports, binary and FW images scanning Attack implemented security mitigations to bypass them (either via SW or with HW techniques such as fault injection, glitches, side channel attacks) Identify weaknesses and vulnerabilities in charging protocols associated with EV and with CPO Report any findings and support the team in assessing the identified vulnerabilities, possibly providing remediation requirements Entering into CTF and Bug Bounty competitions at global security conferences Speaking at security and industry conferences and publishing new and innovative research Support the establishment of a hardware pentest lab, including the selection of tools and their programming languages and scripts, capable of performing full vehicle tests including 2G/3G/4G MITM, Bluetooth and other RF tests Collaborating with our customer's Red Teams and running workshops and hackathons Supporting 3rd party pentests and overseeing and verifying remediations Managing Red/Blue Team exercises, war games, playbook creation etc YOUR QUALIFICATIONS & SKILLS Master Degree in electronic/information engineering, computer science, mathematics, physics or equivalent Professional experience in cybersecurity, including published research and talks at well known cybersecurity/hacker conferences Familiarity with cryptographic algorithms and knowledge of basic security mechanisms such as secure boot, authenticated SW updates, access control Experience of working in Linux environments Previous team leading experience like coordinating the team, reporting to middle/senior management, creating and running training courses, etc. Knowledge of scanning techniques and of SW/HW fault injection mechanisms Familiarity with reverse engineering techniques, µProcessors and µControllers debugging and control, HW security devices and mechanisms and their programming (e.g. HW Security Modules, Arm TrustZone, Trusted Platform Module) Independent and meticulous working style with an analytical mindset Fluent in English, Italian and/or German would be an advantage OUR COMMITMENT Innovative work environment in a young, dynamic team High-tech projects in the future-proof sector of e-mobility Opportunities for advancement in a growing company A wide range of further training opportunities Attractive bonus system and performance-related pay Additional company benefits
#J-18808-Ljbffr