Cyient
Website:
cyient.com
Job details:
- Perform penetration testing of embedded platforms, automotive systems and components
- Conduct security assessments on:
- Vehicle ECUs and firmware
- In-vehicle networks (CAN, LIN, FlexRay, Ethernet)
- Vehicle interfaces (OBD, USB, Bluetooth, Wi-Fi, Cellular)
- Secure boot, diagnostics, and OTA update mechanisms
- Embedded/Medical /IOT devices
- Cloud/Web apps
- Android & iOS apps
- Execute threat-based penetration testing aligned with TARA and security requirements
- Perform firmware extraction, analysis, and reverse engineering
- Conduct hardware security testing (hardware inspection on debug interfaces, flash access, side-channel awareness)
- Identify, exploit, and document vulnerabilities with clear risk and remediation guidance
- Collaborate with development and system teams to validate fixes and retest vulnerabilities
- Prepare penetration test reports for customers and internal stakeholders
- Experience with vehicle-level penetration testing or live vehicle testing
- Exposure to backend/cloud security testing related to connected vehicles
- Knowledge of secure coding flaws in embedded systems
Tools & Platforms - Kali Linux, Ubuntu, embedded Linux
- Burp Suite, Wireshark, Nmap, Metasploit
- Ghidra, IDA Pro, Binwalk
- Automotive test and diagnostic tools
- Python / Bash scripting for automation (preferred)
Certifications (Preferred)Demonstrate strong offensive security capabilities supported by industry‑recognized certifications and verifiable achievements, including:
- Proven presence in leading Security Hall of Fame / Acknowledgment Lists from global technology vendors (e.g. Bugcrowd, HackerOne).
- Preferred certifications are
- CREST Certified Tester (CCT / CRT / CCT-INF)
- OSCP / OSWE / GWAPT
- Offensive Security or INE/eLearnSecurity certifications, such as: OSEP, ejpt, eCPPT, eWPT/eWPTX, eCPTX
- Automotive cybersecurity training/certifications
- Documented contribution to the cybersecurity community through published CVEs listed under the candidate’s name. Participation in responsible disclosure programs with publicly available acknowledgements or awards.
- Demonstrated excellence through participation in national and international cybersecurity hackathons and completion of advanced CTF challenges. Achieved top‑tier rankings on offensive‑training platforms such as Hack The Box, TryHackMe, and other similar competitive environments.
- Strong portfolio of security research, exploit development, vulnerability analysis, or open-source security tool contributions.
Click on Apply to know more.