Your core tasks will involve, but are not limited to: • Analyzing the current car computer and networking technology to detail to find vulnerabilities and potential problems. This includes technology inside the car (CAN bus, FlexRay, Auto Ethernet, attached devices) as well over-the-air communications (V2X, 4G, 5G). This can include reverse-engineering devices and communications when needed. • Helping colleagues to design and implement tools to extract and analyze low-level information from vehicles to better understand their functioning. • Creating prototypes of tools to counter some of these security problems. • Cryptanalyzing security devices as HSM, secure boot mechanisms, secure protocols, etc. • Designing and implementing improved attacks using Machine Learning and others. • Designing proof-of-concepts of both attacks (exploits) and security mechanisms. • Keeping up-to-date with the current vehicle automaker ecosystem to find potential problems with security and privacy. • Finding strategic targets to analyze. • Collaborate in sourcing of information and materials. • Examining potential privacy threats and finding ways to counter them. • Presenting results in public.
Required experience / knowledge / skills
• Bachelor in Computer Science, Electronics, Industrial Engineering, Telecommunications or Mathematics.
• Proven knowledge of: ciphers, protocols, usage of PKIs.
• Proven knowledge of: SCA, FI, template attacks, etc.
• Pen-testing of different platforms (x86, ARM, etc.), including knowledge of protection mechanisms.
• Hands-on experience with analyzing and reverse-engineering communication protocols. Interaction using SDR.
• Experience with microcontroller programming and embedded hw/software stacks: QNX, AUTOSAR, etc.
• Experience analyzing infotainment systems (QNX), Android Auto and Apple CarPlay.
• Experience with pen-testing Linux and Android.
• Programming: Python.
• Knowledge of ML frameworks and basic ML theory.
• Strong ethics.
• Leadership and a make-do, problem-solving attitude.
• MsC in Cyber Security.
• Strong experience with advance reverse-engineering in SW and embedded HW.
• Knowledge of CAN bus communications and vehicle electronics.
• Knowledge of Machine Learning tools and techniques.
• Knowledge of tamper-resistant protection methods.
• Research publications / public projects.
• A competitive salary (based on a 40-hour week), consistent with your level of education and experience
• An initial one-year contract with the prospect of an indefinite contract
• One extra month’s salary per year (‘13th month’), plus 8% holiday allowance annually
• 25 vacation days , 5 compensation days
• Flexible working hours
• Extensive training opportunities
• Pension and health insurance scheme
• A fast moving, innovative and international diverse working environment