EndoSec LLC is seeking a Hardware Security and Vulnerability Analyst to join our team. In this role, you will be responsible for extracting and analyzing firmware and data at rest, identifying vulnerabilities in software, firmware, and hardware, and developing proof-of-concept exploits. You will collaborate with engineers and security experts to discover and exploit security flaws within devices and designs, as well as contribute to building secure systems.

What You'll Do

Analyze systems to understand functionality, failure points, and consequences of failure.
Bypass implemented security measures to gain access to sensitive data, including enabling debugging, forging or bypassing signatures, gaining elevated privileges, and simulating environmental conditions.
Extract firmware, executables, and other sensitive data from embedded systems and analyze the extracted code for possible vulnerabilities and sensitive data.
Setup and perform side-channel analysis to recover sensitive data.
Setup and perform fault injection attacks to bypass security measures and/or recover sensitive data.
Develop custom and novel exploits to bypass security measures, recover data, or gain elevated privileges in embedded systems.
Prepare detailed documentation, including physical setups, testing procedures, and user guides, for reproducibility of found results.
Stay current with the latest advancements in reverse engineering and hardware security.

What We're Looking For

Must be able to apply for and maintain a U.S. Government Security Clearance.

Nice to Have

Proficiency in C/C++, Python, and assembly languages.
Experience with reverse engineering tools like IDA Pro and Ghidra.
Knowledge of FPGA, cryptography, and hardware design.
Background in embedded software, hardware security, and reverse engineering.
Experience with side channel attacks and fault injection techniques.