EndoSec LLC is hiring a Hardware Security and Vulnerability Analyst. In this role, you will be responsible for extracting and analyzing firmware and data at rest, identifying vulnerabilities in software, firmware, and hardware, and developing proof of concept exploits. You will collaborate with engineers and security experts to find and exploit security flaws and to build secure systems, directly contributing to the security and privacy of our products and services.

What You'll Do

Analyze systems to understand functionality, failure points, and consequences of failure.
Bypass implemented security measures to gain access to sensitive data, including enabling debugging, forging or bypassing signatures, gaining elevated privileges, and simulating environmental conditions.
Extract firmware, executables, and other sensitive data from embedded systems and analyze the extracted code for vulnerabilities and sensitive data.
Setup and perform side-channel analysis to recover sensitive data.
Setup and perform fault injection attacks to bypass security measures and/or recover sensitive data.
Develop custom and novel exploits to bypass security measures, recover sensitive data, or gain elevated privileges in embedded systems.
Prepare detailed documentation, including physical setups, testing procedures, and user guides, for reproducibility of found results and maintenance.
Stay current with the latest advancements in reverse engineering and hardware security to continually refine and enhance skills.

What We're Looking For

Must be able to apply for and maintain a U.S. Government Security Clearance.

Nice to Have

Programming and scripting: C/C++, Python, assembly
Tools and analysis: IDA Pro, Ghidra
Hardware and embedded: FPGA, hardware, embedded software
Security domains: cryptography, hardware security, reverse engineering, side channel attacks, fault injection