Must have

• Secure boot, firmware security, OTA upda

• Cryptography & hardware

• Embedded interfaces & protocols

• Penetration testing on embedded targets

• Cloud IoT platforms & secure communicati

• Secure code review (C/C++, Rust, Python)

• DevSecOps / CI/CD security

• Polish (B2)

• English (B2)

Requirements description

• Proven experience performing advanced penetration testing on embedded systems, IoT devices, and cloud-connected architectures
• Strong background in identifying, exploiting, and documenting security weaknesses across a broad range of environments
• Deep understanding of embedded security attack vectors: side-channel attacks, fault injection, firmware tampering, replay attacks, MITM
• Experience with vulnerability scanning, fuzzing, exploit development, and hardware-level security assessment
• Solid knowledge of secure communication protocols, cryptography, secure boot mechanisms, and secure firmware design
• Ability to translate complex technical findings into clear, actionable recommendations for both technical and non-technical stakeholders
• Familiarity with risk assessment frameworks such as ISO 21434, IEC 62443, ISO 27005
• Understanding of data protection requirements (GDPR / HIPAA) in cloud-integrated IoT ecosystems
• Experience with secure SDLC, DevSecOps, and CI/CD security practices
• Strong analytical, problem-solving, and communication skills
• Relevant certifications such as OSCP, GPEN, CompTIA PenTest+ (highly valued)

Offer description

Tech stack:

• Secure boot, firmware security, OTA updates
• Cryptography (AES, RSA, ECC) & hardware security (TPM, HSM, TrustZone)
• Embedded interfaces & protocols: CAN, LIN, Modbus, BLE, Wi-Fi, TCP/IP
• Penetration testing on embedded targets: JTAG, UART, SPI, I²C
• Cloud IoT platforms & secure communication: AWS/Azure/GCP IoT, TLS/DTLS, MQTT(S)
• Secure code review (C/C++, Rust, Python) & DevSecOps / CI/CD security

Your responsibilities

1. Senior Penetration Tester with a proven track record of successfully identifying and exploiting security weaknesses across a wide range of systems and environments. The ideal candidate will have deep expertise in advanced penetration testing methodologies, tools, and reporting, with strong analytical and problem-solving skills. Experience in embedded systems security is highly desirable and will be considered a significant advantage. This role requires excellent communication skills to translate technical findings into clear, actionable recommendations for stakeholders.