Senior Engineer - Embedded Product Security

Work Flexibility: Hybrid What you will do: Initial Reconnaissance - Understand product’s internal as well as communication mechanism Threat Modelling - Identification of Actors and Entity Boundary Protocol Endpoints - Read/Understand Protocol Specification, Gather Sample Protocol Implementations & Protocol Simulators, Testing with the Simulators and ability to write Scripts to Interact with The device Firmware Vulnerability Analysis - Firmware Extraction and Analysing Firmware, Vulnerability Analysis, Manual Reversing of Binaries, Understand Firmware Update Process Hardware Vulnerability Analysis - Identify and analyse Hardware Debug ports, Memory extraction and analysis, Malicious data injection Manage all facets of Vulnerability Assessment and Penetration testing involving embedded devices. Perform attacks and identify vulnerabilities on interfaces like USB, Ethernet etc. Expertise/Familiarity with Hardware & Radio Security Testing:- UART, Wi-Fi testing, MQTT testing, Radio testing, JTAG etc. What you need: Required Qualifications: Bachelor’s in Software/Electronics Engineering or equivalent degree. 2-7 years of hands-on experience in Vulnerability and Penetration Testing using tools like Kali, Nessus, Burpsuite, Qualys etc. Experience in automation of routine tasks using tools like Jenkins and/or scripting languages such as PowerShell, Ruby or Python. Preferred Qualifications: Understanding of Cloud based environments like Azure and AWS. At least one professional certification like ECSA Practical/CPENT/LPT/OSCP/OSWE/OSCE or similar involving practical exams. Must be flexible, independent and self-motivated. Excellent communication and interpersonal skills. Good to have: Prior work experience in medical devices. Travel Percentage: 20% Stryker is one of the world’s leading medical technology companies and, together with its customers, is driven to make healthcare better. We offer innovative products and services in Orthopaedics, Medical and Surgical, and Neurotechnology and Spine that help improve patient and hospital outcomes. We are proud to be named one of the World’s Best Workplaces! For more information, visit: www.stryker.com Work Flexibility Remote – Role allows you to work the majority to 100% of time from an alternate workplace. These roles could have travel expectations, and you must work within the country of the job requisition location. Field-based – You can expect to regularly work a majority to 100% of time at customer facilities and has a set territory or expectation to travel within a set boundary. Almost all sales roles would likely be qualified as field-based. Onsite – Role is 100% located at a Stryker facility. Some ad hoc flexibility may be available depending on role, level, and job requirements. Manufacturing roles and any role that requires physical presence at the office would qualify under this category. Hybrid – You can expect to regularly work in both an alternate workplace and a Stryker facility. Roles that are partially remote or co-located would qualify as hybrid, and the expectation to be onsite would be defined and agreed upon by your manager/supervisor.