Device Security Engineer


Softnautics is looking for Embedded Junior Security Engineer who has hands-on experience in vulnerability assessments, exploit development and security testing of Embedded/IoT devices. The ideal candidate should leverage his knowledge and experience to provide leadership, technical guidance to groom the team and execute projects.


  • 3 – 8 Years

3+ years of experience resources preferred


  • Requirement analysis, design, development, testing and debugging of security solutions
  • Work on vulnerability assessments, Reverse engineering (software and hardware), Penetration testing, device security hardening and exploit development using C/Python or Ruby for IoT/Embedded devices
  • Evaluation and integration of various Open source Security Software or tools
  • Able to lead/mentor team of the small size of junior engineers
  • Documentation – Requirement Specification, Design, Test Plan & Test cases, etc
  • Effort estimation, planning, and customer Interaction

Person Specification

Required Skills & Experience:

  • Must have at least 2 – 3 years of experience in Embedded System security
  • Development experience using Ruby/C/Python/Shell Script in Linux OS/Embedded platform
  • Must have experience in penetration testing and ethical hacking of IoT/embedded devices
  • Candidate should have exposure to open source solutions for Root of trust like HSM, TPM, and TEE
  • Hands-on with Penetration testing tools using kali Linux, Metasploit and Nessus
  • Knowledge on OP-TEE, Android Trusty TEE, and Open Enclave is preferred
  • Exposure to Open Source TPM Solutions like IBM TPM Simulator and Microsoft TPM simulator
  • Good to have knowledge on trusted computing technologies like ARM TZ, Intel SGX or AMD SEV
  • Candidate should have knowledge on Basic Networking, Security and cryptography protocols
  • Familiarity with Secure Boot, UEFI/BIOS, TPM and other features which help secure HW

Desirable Skills:

  • Candidates having CEHv10 Security Certification are most preferred
  • Candidate with Cloud (AWS/AZURE/GCP) Security Exposure is an added advantage
  • Should have worked on agile methodology
  • Strong communication skill
  • Team player
  • Good at customer communication
  • Positive attitude and has no issues working on testing as well based on project needs
  • Self-motivated team player able to thrive in a fast-paced engineering environment
  • Ready to switch between domains based on company requirements