Cybersecurity Penetration Testing Lead (M/F/D) Bolzano

Cybersecurity Penetration Testing Lead (M/F/D)
Bolzano
Trentino Alto Adige, Bolzano

YOUR RESPONSIBILITIES Leading a dedicated Red Team performing the following tasks: Penetration tests on chargers, embedded controllers, vehicles and backend infrastructures using a variety of techniques such as brute force, code injection, malformed data, fuzzing, hardware hackingPerform open ports, binary and FW images scanningAttack implemented security mitigations to bypass them (either via SW or with HW techniques such as fault injection, glitches, side channel attacks)Identify weaknesses and vulnerabilities in charging protocols associated with EV and with CPOReport any findings and support the team in assessing the identified vulnerabilities, possibly providing remediation requirementsEntering into CTF and Bug Bounty competitions at global security conferencesSpeaking at security and industry conferences and publishing new and innovative researchSupport the establishment of a hardware pentest lab, including the selection of tools and their programming languages and scripts, capable of performing full vehicle tests including 2G/3G/4G MITM, Bluetooth and other RF testsCollaborating with our customer's Red Teams and running workshops and hackathonsSupporting 3rd party pentests and overseeing and verifying remediationsManaging Red/Blue Team exercises, war games, playbook creation etcYOUR QUALIFICATIONS & SKILLS Master Degree in electronic/information engineering, computer science, mathematics, physics or equivalentProfessional experience in cybersecurity, including published research and talks at well known cybersecurity/hacker conferencesFamiliarity with cryptographic algorithms and knowledge of basic security mechanisms such as secure boot, authenticated SW updates, access controlExperience of working in Linux environmentsPrevious team leading experience like coordinating the team, reporting to middle/senior management, creating and running training courses, etc. Knowledge of scanning techniques and of SW/HW fault injection mechanismsFamiliarity with reverse engineering techniques, µProcessors and µControllers debugging and control, HW security devices and mechanisms and their programming (e. G.

HW Security Modules, Arm TrustZone, Trusted Platform Module)Independent and meticulous working style with an analytical mindsetFluent in English, Italian and/or German would be an advantageOUR COMMITMENT Innovative work environment in a young, dynamic teamHigh-tech projects in the future-proof sector of e-mobilityOpportunities for advancement in a growing companyA wide range of further training opportunitiesAttractive bonus system and performance-related payAdditional company benefits#J-18808-Ljbffr