Tech stack:Secure boot, firmware security, OTA updatesCryptography (AES, RSA, ECC) & hardware security (TPM, HSM, TrustZone)Embedded interfaces & protocols: CAN, LIN, Modbus, BLE, Wi-Fi, TCP/IPPenetration testing on embedded targets: JTAG, UART, SPI, I²CCloud IoT platforms & secure communication: AWS/Azure/GCP IoT, TLS/DTLS, MQTT(S)Secure code review (C/C++, Rust, Python) & DevSecOps / CI/CD securityRequirements:Proven experience performing advanced penetration testing on embedded systems, IoT devices, and cloud-connected architecturesStrong background in identifying, exploiting, and documenting security weaknesses across a broad range of environmentsDeep understanding of embedded security attack vectors: side-channel attacks, fault injection, firmware tampering, replay attacks, MITMExperience with vulnerability scanning, fuzzing, exploit development, and hardware-level security assessmentSolid knowledge of secure communication protocols, cryptography, secure boot mechanisms, and secure firmware designAbility to translate complex technical findings into clear, actionable recommendations for both technical and non-technical stakeholdersFamiliarity with risk assessment frameworks such as ISO 21434, IEC 62443, ISO 27005Understanding of data protection requirements (GDPR / HIPAA) in cloud-integrated IoT ecosystemsExperience with secure SDLC, DevSecOps, and CI/CD security practicesStrong analytical, problem-solving, and communication skillsRelevant certifications such as OSCP, GPEN, CompTIA PenTest+ (highly valued)Main responsibilities:Senior Penetration Tester with a proven track record of successfully identifying and exploiting security weaknesses across a wide range of systems and environments. The ideal candidate will have deep expertise in advanced penetration testing methodologies, tools, and reporting, with strong analytical and problem-solving skills. Experience in embedded systems security is highly desirable and will be considered a significant advantage. This role requires excellent communication skills to translate technical findings into clear, actionable recommendations for stakeholders.