Cybersecurity Penetration Testing Lead (M/F/D) Bolzano

Cybersecurity Penetration Testing Lead (M/F/D)
Bolzano
Trentino Alto Adige, Bolzano

YOUR RESPONSIBILITIES Leading a dedicated Red Team performing the following tasks: Penetration tests on chargers, embedded controllers, vehicles and backend infrastructures using a variety of techniques such as brute force, code injection, malformed data, fuzzing, hardware hacking

Perform open ports, binary and FW images scanning

Attack implemented security mitigations to bypass them (either via SW or with HW techniques such as fault injection, glitches, side channel attacks)

Identify weaknesses and vulnerabilities in charging protocols associated with EV and with CPO

Report any findings and support the team in assessing the identified vulnerabilities, possibly providing remediation requirements

Entering into CTF and Bug Bounty competitions at global security conferences

Speaking at security and industry conferences and publishing new and innovative research

Support the establishment of a hardware pentest lab, including the selection of tools and their programming languages and scripts, capable of performing full vehicle tests including 2G/3G/4G MITM, Bluetooth and other RF tests

Collaborating with our customer's Red Teams and running workshops and hackathons

Supporting 3rd party pentests and overseeing and verifying remediations

Managing Red/Blue Team exercises, war games, playbook creation etc

YOUR QUALIFICATIONS & SKILLS Master Degree in electronic/information engineering, computer science, mathematics, physics or equivalent

Professional experience in cybersecurity, including published research and talks at well known cybersecurity/hacker conferences

Familiarity with cryptographic algorithms and knowledge of basic security mechanisms such as secure boot, authenticated SW updates, access control

Experience of working in Linux environments

Previous team leading experience like coordinating the team, reporting to middle/senior management, creating and running training courses, etc.

Knowledge of scanning techniques and of SW/HW fault injection mechanisms

Familiarity with reverse engineering techniques, µProcessors and µControllers debugging and control, HW security devices and mechanisms and their programming (e. g. HW Security Modules, Arm TrustZone, Trusted Platform Module)

Independent and meticulous working style with an analytical mindset

Fluent in English, Italian and/or German would be an advantage

OUR COMMITMENT Innovative work environment in a young, dynamic team

High-tech projects in the future-proof sector of e-mobility

Opportunities for advancement in a growing company

A wide range of further training opportunities

Attractive bonus system and performance-related pay

Additional company benefits

#J-18808-Ljbffr