Cyber Security Penetration Tester

As a highly skilled and curious Penetration Tester at Themesoft, your role will involve conducting penetration tests on embedded systems, PLCs, HMIs, and industrial controllers. You will be responsible for performing hardware-level attacks, including firmware extraction and JTAG/SWD probing. Additionally, your duties will include analyzing and reverse-engineering firmware and binaries from industrial devices, developing custom exploits and payloads for proprietary protocols and hardware, and collaborating with engineering and security teams to recommend mitigation strategies. It will also be your responsibility to document findings in detailed technical reports and present them to stakeholders, while staying current with emerging threats in OT/IACS and hardware security domains. Key Responsibilities: - Conduct penetration tests on embedded systems, PLCs, HMIs, and industrial controllers. - Perform hardware-level attacks including firmware extraction, JTAG/SWD probing. - Analyze and reverse-engineer firmware and binaries from industrial devices. - Develop custom exploits and payloads for proprietary protocols and hardware. - Collaborate with engineering and security teams to recommend mitigation strategies. - Document findings in detailed technical reports and present to stakeholders. - Stay current with emerging threats in OT/IACS and hardware security domains. Qualifications Required: - Proven experience in penetration testing, especially in OT/IACS environments. - Strong knowledge of embedded systems, microcontrollers, and hardware interfaces (UART, SPI, I2C, JTAG). - Familiarity with ICS protocols and architectures. - Proficiency in reverse engineering tools (IDA Pro, Ghidra, Radare2). - Experience with hardware debugging tools (oscilloscopes, logic analyzers, chip programmers). - Solid understanding of threat modeling and risk assessment in industrial contexts. - Programming/scripting skills (Python, C, Bash, etc.). If you are interested or have a referral, kindly share your updated resume with [HIDDEN TEXT]. As a highly skilled and curious Penetration Tester at Themesoft, your role will involve conducting penetration tests on embedded systems, PLCs, HMIs, and industrial controllers. You will be responsible for performing hardware-level attacks, including firmware extraction and JTAG/SWD probing. Additionally, your duties will include analyzing and reverse-engineering firmware and binaries from industrial devices, developing custom exploits and payloads for proprietary protocols and hardware, and collaborating with engineering and security teams to recommend mitigation strategies. It will also be your responsibility to document findings in detailed technical reports and present them to stakeholders, while staying current with emerging threats in OT/IACS and hardware security domains. Key Responsibilities: - Conduct penetration tests on embedded systems, PLCs, HMIs, and industrial controllers. - Perform hardware-level attacks including firmware extraction, JTAG/SWD probing. - Analyze and reverse-engineer firmware and binaries from industrial devices. - Develop custom exploits and payloads for proprietary protocols and hardware. - Collaborate with engineering and security teams to recommend mitigation strategies. - Document findings in detailed technical reports and present to stakeholders. - Stay current with emerging threats in OT/IACS and hardware security domains. Qualifications Required: - Proven experience in penetration testing, especially in OT/IACS environments. - Strong knowledge of embedded systems, microcontrollers, and hardware interfaces (UART, SPI, I2C, JTAG). - Familiarity with ICS protocols and architectures. - Proficiency in reverse engineering tools (IDA Pro, Ghidra, Radare2). - Experience with hardware debugging tools (oscilloscopes, logic analyzers, chip programmers). - Solid understanding of threat modeling and risk assessment in industrial contexts. - Programming/scripting skills (Python, C, Bash, etc.). If you are interested or have a referral, kindly share your updated resume with [HIDDEN TEXT].