Cisco is at the forefront of securing today's emerging technologies. You'll be part of a highly skilled team hunting for critical security vulnerabilities in third party connected devices that will shape our future. Your primary objective will be identifying, exploiting and documenting vulnerabilities in embedded systems and their associated remote services. Targets will include components from connected vehicles, medical devices, and industrial control systems.

You'll also:

• Develop threat models
• Review design / architecture documents
• Identify and interface with hardware attack vectors. (UART, JTAG, SWD, NVRAM, Flash, USB Peripherals, SD Cards, etc.)
• Configure cross-compiler toolchains for obscure targets
• Reverse engineer communications protocols
• Develop process-specific fuzz testing environments
• Reverse engineer firmware targeting ARM & PPC processors
• Bus message analysis, instrumentation, and fault injection (e.g. SPI, I2C, USB, CAN, LIN)
• Instrument and test communications channels (e.g. Wi-Fi, Bluetooth/BLE, Cellular)
• Jailbreak devices (get root)
• Write reports which clearly document vulnerabilities and provide context at various levels of detail

You'll be working with a seasoned group of security consultants each with an average of more than 10 years of experience in offensive security roles. Our team represents a broad skill set including expertise in hardware & software reverse engineering, electrical engineering, cryptography, fault injection, side-channel analysis, hardware glitching and RF communications.

You're naturally curious about how devices work and how they can be compromised or subverted. You're a professional who collaborates with colleagues to deliver excellent results. You can communicate and present complex topics to customers clearly. You have a working knowledge of fundamental electronics concepts including passive components and transistors.

Minimum qualifications:

• Bachelor's degree in Computer Science, Computer Engineering, or Electrical Engineering
• Fluency in C, C++, ARM assembly, x86 assembly and Python
• 7 years of professional experience penetration testing
• 5 years experience reverse engineering software with IDA Pro or Ghidra
• 3 years experience working with embedded systems
• Solid understanding of networking concepts and tools (e.g. nmap, scapy, nessus)
• Solid understanding of application security concepts
• Extensive knowledge of common threats and vulnerabilities affecting devices
• Experience identifying and exploiting security vulnerabilities
• Exceptional English communication skills, both oral and written

Desired skills (any of the following are a plus but not required):

• OSCP or OSCE certifications
• Soldering & SMT rework
• Solid understand of secure boot and ARM TrustZone concepts
• Familiarity with common electrical test equipment
• Oscilloscopes, Logic Analyzers, Bus Protocol Analyzers, Multimeters, Spectrum Analyzers
• Comfortable working with SBCs such as the Raspberry Pi or BeagleBone
• Intimate knowledge of the Linux kernel
• Working knowledge of QNX
• Practical experience with Software Defined Radio (SDR)
• Reading / capturing electrical schematics (e.g. Altium, KiCad)
• Verilog / VHDL and FPGA design
• Extensive knowledge of on-board and connectivity protocols
• SPI, I2C, CAN, LIN, USB
• Bluetooth / BLE
• Wi-Fi
• 3G & 4G Cellular
• Practical experience identifying and exploiting side channel attacks
• Practical experience circumventing device security using clock/power glitching
• Experience evaluating cryptography and protection of sensitive information

We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren't afraid to change the way the world works, lives, plays and learns.

We are thought leaders, tech geeks, pop culture aficionados, and we even have a few purple haired rock stars. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers.

We Are Cisco.