[Remote] Principal Security Consultant (Hardware/Embedded Penetration Tester)

Remote Full-time
Note: The job is a remote job and is open to candidates in USA. NetSPI is a leader in Penetration Testing as a Service (PTaaS), combining security expertise with AI and automation to enhance security measures. The Principal Security Consultant will focus on assessing the security of hardware and embedded systems, identifying vulnerabilities, and providing actionable recommendations for improvement while collaborating with clients and mentoring junior team members.ResponsibilitiesPerform Hardware and/or firmware penetration testsLead in threat modeling exercises related to Embedded SystemsCreate and deliver penetration test reports to clientsCollaborate with clients to create remediation strategies that will help improve their security postureConduct thorough penetration testing on hardware and embedded systems, including IoT devices, automotive systems, industrial control systems (ICS), and other critical infrastructureDevelop and execute comprehensive testing plans, methodologies, and tools tailored to specific hardware platformsIdentify, analyze, and document security vulnerabilities and exploits in hardware and firmwareCollaborate with cross-functional teams to review system architectures and design security solutionsProvide detailed reports and presentations to stakeholders, outlining findings and remediation strategiesMentor junior team members and contribute to the development of best practices and testing standardsStay current with the latest security trends, tools, and technologies in the hardware and embedded systems domainResearch and develop innovative techniques, tools, and methodologies for penetration testing servicesHelp define and document internal, technical, and service processes and proceduresContribute to the community through the development of tools, presentations, white papers, and blogsSkills4 years of dedicated security consulting experience, with 2 of those years having a heavy concentration in embedded/hardware penetration and security designs5 years of dedicated hardware/embedded systems design & development, with an additional 1-2 years of hardware/embedded security consulting and penetration testing10+ years of dedicated hardware/embedded systems design, development & fabrications, with a strong understanding of security vulnerabilities and how they may apply to hardware/embedded systemsHands-on experience with hardware penetration testing techniques, including soldering, probing chips, removing, and reworking components, and hardware debuggingKnowledge of Linux, Unix, QNX and/or Windows Operating SystemsKnowledge of Application and Network Protocols and designAdept in reverse engineering, firmware analysis, and exploitation techniquesStrong understanding of embedded systems architectures, communication protocols (e.g., SPI, I2C, UART), and hardware debugging toolsExcellent problem-solving skills and the ability to think creatively to bypass security mechanismsStrong communication skills, with the ability to explain complex technical concepts to non-technical stakeholdersSelf-motivated, detail-oriented, and capable of working independently with minimal supervisionBachelor's degree or higher, preferred with a concentration in Computer Science, Electrical or Computer Engineering, Math, or IT - or equivalent experienceUp to 25% travelDesigned hardware CTF or debugging toolProgramming experience in one or more of the following languages: C, C++Familiarity with common embedded architectures such as: x86, ARM, PPCExperience in automotive security testing and knowledge of CAN bus and related protocolsExperience with industrial control systems (ICS) and SCADA securityExperience testing medical devicesKnowledge of cryptographic algorithms and their implementation in hardwareExperience as an Embedded Hardware/Software engineerParticipated, won, organized, or otherwise developed Capture-The-Flag (CTF) competitionsExperience with Operating Systems design, or Compiler designExperience with secure software development practices and code reviewGXPN, GPEN, OSCP, CISSP, GWAPT or similar certificationsCompany OverviewNetSPI is a cybersecurity company that offers enterprise security testing and attack surface management services. It was founded in 2001, and is headquartered in Minneapolis, Minnesota, USA, with a workforce of 501-1000 employees. Its website is https://www.netspi.com.Company H1B SponsorshipNetSPI has a track record of offering H1B sponsorships, with 1 in 2025, 3 in 2024, 1 in 2023, 2 in 2022, 5 in 2021, 5 in 2020. Please note that this does not guarantee sponsorship for this specific role.

Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

[Remote-Position] Disney remote data entry jobs – Part-time (WFH)

Remote

TikTok Content Moderator Job (Remote) $36/H – W...

Remote

[Remote] Service Specialist Technician - MTM

Remote

B2B Sales Representative - Flexible work arrangement with remote Fridays (ROCKFORD)

Remote

**Experienced Remote Data Entry Specialist – Accurate Record Keeping for arenaflex**

Remote

Remote Real Estate Caller

Remote

Remote Seafood Sales Representative

Remote

Experienced Customer Service Representative – Insurance and Benefits Sales

Remote

Integration Engineer

Remote

Chronic Care Manager (Remote - Compact States)

Remote
← Back