EndoSec LLC is hiring a Hardware Security and Vulnerability Analyst to strengthen the security of our products and services. In this role, you will be responsible for extracting and analyzing firmware and data at rest, identifying vulnerabilities in software, firmware, and hardware, and developing proof of concept exploits. You will collaborate closely with other engineers and security experts to find and exploit security flaws while also contributing to the design of secure and efficient systems.

What You'll Do

Analyze systems to understand functionality, failure points, and consequences of failure.
Bypass implemented security measures to gain access to sensitive data, including enabling debugging, forging or bypassing signatures, and gaining elevated privileges.
Extract firmware, executables, and other sensitive data from embedded systems and analyze the extracted code for vulnerabilities.
Setup and perform side-channel analysis to recover sensitive data.
Setup and perform fault injection attacks to bypass security measures and/or recover sensitive data.
Develop custom and novel exploits to bypass security measures, recover sensitive data, or gain elevated privileges in embedded systems.
Prepare detailed documentation, including physical setups, testing procedures, and user guides, for reproducibility of found results.
Stay current with the latest advancements in reverse engineering and hardware security.

What We're Looking For

Must be able to apply for and maintain a U.S. Government Security Clearance.

Nice to Have

Proficiency in C/C++, Python, and assembly programming.
Experience with reverse engineering tools like IDA Pro and Ghidra.
Knowledge of FPGA technology.
Background in cryptography, hardware, and embedded software.
Expertise in hardware security, reverse engineering, side channel attacks, and fault injection.