- A unique opportunity in the Product Cybersecurity Red Team to pen-test and assess security controls on the latest and next gen vehicles.
- This is a highly technical position and requires a highly motivated individual, with ability to perform security vulnerability assessments and penetration testing.
- Responsible for performing embedded security pen-test activities, both automated and manual, to identify and exploit vulnerabilities in vehicle ECU's, applications, and network components.
- Carry out reverse engineering on embedded devices firmware to identify and exploit vulnerabilities.
- Defining pen-test methodologies with a combination of automated and manual tools.
- Provide recommendation to mitigate security risks and fix security vulnerabilitie.
- Demonstrate creative analysis techniques in distilling test results, eliminating false positives and providing actionable recommendations for mitigation.
- Perform research on security exploits and containment approaches.
- Research emerging vulnerabilities and develop proof-of-concept (POC) as needed.
- Develop custom tools to support penetration testing as required.
- Evaluation and selection of external vendors and tools.
- Help guide 3rd party vendors with security assessments and provide coordination and support as needed.
- Document technical and logical security findings identified during the security assessments and report them in a timely manner.
- Penetration testing experience
- Hardware and embedded system hacking
- Reverse engineering embedded systems and source code review
- Proficiency in at least one of the following languages: C, C++, Java, or Python.
- Knowledge with use of JTAG/UART and on-chip Debuggers
- Experience with real-time and POSIX oriented operating systems (Linux, Android, and QNX)
- Must have strong teamwork orientation and the ability to foster collaboration within and across teams
- Experience with Vulnerability assessments and penetration testing
- In-depth knowledge with wireless protocols, Wi-Fi, Bluetooth, and Zigbee
- Reverse engineering Linux and/or Android based software
- Experience with common automotive communication protocols (e.g., CAN/LIN, UDS/DoIP, Ethernet, immobilization etc.)
- Security cryptography fundamentals - PKI, certificates, encryption, signatures, authentication, and authorization.
- Experience with OS internals, virtualization, or container technologies
- Experience with network protocols: TCP/IP, HTTP, (OSI model)
- Certifications OSCP, OSEP, GPEN.
- Pension Scheme – We match employee contribution up to 5% of salary
- 25 Days' Holiday
- Private Health Care
- Tata Jaguar Land Rover Privilege Scheme - up to 20% off new JLR vehicles
- Group Income Protection
- Health Assured – Employee Assistance Program
- Group Life Assurance
- Childcare Vouchers
- Health Shield – Private Health Cash Plan
Penetration Tester - Woking, United Kingdom - TATA Technologies
Description
Role description
At Tata Technologies we make product development dreams a reality by designing, engineering and validating the products of tomorrow for the world's leading manufacturers.
Due to our continued growth we are now recruiting for a Penetration Tester to be based at our clients site in Woking.
Our Engineering Research and Development department (ER&D) is a fast-growing function within Tata Technologies Limited that is assembled to work on exciting projects globally for multiple customers.
The Role:
Dimension of function:
Shall be part of cybersecurity team and report to cybersecurity domain manager.
Shall be in liaison with suppliers and OEM
Area of Responsibility:
Knowledge / Experience:
Competences:
Customer Centricity - Ensures the delivery of exceptional customer service.
Decision Making - Identifies and analyses information to make decisions and solve problems.
Teamwork & Collaboration - Fosters a sense of teamwork, leverages differences, and facilitates the effective interaction and contribution of others to achieve goals.
Execution Excellence - Plans, executes and improves work processes to ensure achievement of business goals.
Drive for Results - Demonstrates and fosters a sense of urgency and strong commitment to achieving goals.
Displays Global Perspective - Establishes and promotes effective business operations across multiple countries and/or regions and coordinates appropriately with the broader global business.
If you are passionate about bringing innovation to the projects you work on and want to join a global company, then this is the place for you.
Tata Technologies:
Engineering a better world