IoT Security Researcher
Location
United States + 180 moreAll locations: United States, Canada, Brazil, Colombia, Argentina, Chile, Venezuela, Bolivarian Republic Of, Bolivia, Plurinational State Of, Ecuador, French Guiana, Guyana, Paraguay, Peru, Suriname, Uruguay, Mexico, Costa Rica, El Salvador, Guatemala, Honduras, Nicaragua, Panama, Dominican Republic, Puerto Rico, Bahamas, Guadeloupe, Haiti, Jamaica, Martinique, Montserrat, United Kingdom, Germany, France, Estonia, Portugal, Hungary, Poland, Ukraine, Romania, Bulgaria, Czech Republic, Slovakia, Belarus, Moldova, Republic Of, Sweden, Greece, Belgium, Italy, Ireland, Switzerland, Netherlands, Finland, Malta, Denmark, Lithuania, Croatia, Spain, Austria, Bosnia And Herzegovina, Iceland, Luxembourg, Macedonia, The Former Yugoslav Republic Of, Montenegro, Norway, Serbia, Slovenia, Albania, Cyprus, Latvia, Monaco, South Africa, Egypt, Algeria, Angola, Benin, Botswana, Burkina Faso, Burundi, Cameroon, Cape Verde, Central African Republic, Chad, Congo, Côte D'ivoire, Congo, The Democratic Republic Of The, Equatorial Guinea, Eritrea, Ethiopia, Gabon, Gambia, Ghana, Guinea, Guinea-bissau, Kenya, Lesotho, Liberia, Libyan Arab Jamahiriya, Madagascar, Malawi, Mali, Mauritania, Mauritius, Mayotte, Morocco, Mozambique, Namibia, Niger, Nigeria, Réunion, Rwanda, Senegal, Seychelles, Sierra Leone, Somalia, Sudan, Swaziland, Tanzania, United Republic Of, Togo, Tunisia, Uganda, Zambia, Zimbabwe, Georgia, Turkey, Israel, United Arab Emirates, Armenia, Azerbaijan, Bahrain, Iraq, Jordan, Kuwait, Lebanon, Oman, Qatar, Saudi Arabia, Palestinian Territory, Occupied, Yemen, India, Japan, Philippines, Pakistan, Thailand, Singapore, Viet Nam, Taiwan, Province Of China, Indonesia, Cambodia, Lao People's Democratic Republic, Malaysia, Myanmar, Korea, Republic Of, China, Afghanistan, Bangladesh, Bhutan, Kazakhstan, Kyrgyzstan, Maldives, Mongolia, Nepal, Sri Lanka, Tajikistan, Turkmenistan, Uzbekistan, Australia, Papua New Guinea, Kiribati, Palau, French Polynesia, Tuvalu, New Zealand
Posted
4 days ago
Salary
Not specified
No structured requirement data.
Job Description
Role Description
Our client is seeking an IoT Security Researcher to conduct advanced vulnerability research on embedded systems and connected devices. The role focuses on identifying and analyzing security weaknesses in firmware, device operating systems, and IoT communication protocols. This position is suited for researchers who enjoy low-level analysis, firmware reverse engineering, and vulnerability discovery across embedded platforms.
You will work with a team of experienced security researchers performing hands-on analysis of real-world devices, developing proof-of-concept exploits, and advancing internal research capabilities.
Responsibilities
- Conduct vulnerability research on IoT and embedded systems across multiple platforms and device types.
- Perform firmware extraction, unpacking, and reverse engineering.
- Analyze device firmware using static and dynamic analysis techniques.
- Identify vulnerabilities in device operating systems, network services, and communication protocols.
- Develop proof-of-concept exploits to demonstrate impact.
- Interact with device hardware using debugging and extraction interfaces such as UART, JTAG, SPI, or SWD.
- Analyze IoT network protocols and device communications.
- Document research findings and communicate technical discoveries to internal teams.
- Develop tools and automation to support ongoing research activities.
Qualifications
- Experience in vulnerability research or reverse engineering.
- Experience analyzing embedded systems, firmware, or IoT devices.
- Proficiency with reverse engineering tools such as Ghidra, IDA Pro, or Binary Ninja.
- Experience with Linux-based embedded environments.
- Scripting ability with Python or similar languages.
- Understanding of network protocols and embedded device architectures.
- Strong analytical and problem-solving skills.
Requirements
- Experience with hardware debugging or chip-level interfaces.
- Familiarity with IoT protocols such as MQTT, BLE, Zigbee, or proprietary device protocols.
- Experience with exploit development.
- Public vulnerability research, CVEs, or conference presentations.
- Participation in CTFs, bug bounty programs, or security research communities.
Job Requirements
- Experience in vulnerability research or reverse engineering.
- Experience analyzing embedded systems, firmware, or IoT devices.
- Proficiency with reverse engineering tools such as Ghidra, IDA Pro, or Binary Ninja.
- Experience with Linux-based embedded environments.
- Scripting ability with Python or similar languages.
- Understanding of network protocols and embedded device architectures.
- Strong analytical and problem-solving skills.
- Experience with hardware debugging or chip-level interfaces.
- Familiarity with IoT protocols such as MQTT, BLE, Zigbee, or proprietary device protocols.
- Experience with exploit development.
- Public vulnerability research, CVEs, or conference presentations.
- Participation in CTFs, bug bounty programs, or security research communities.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Senior Cloud & Identity Engineer
JobgetherWe use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best! Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time. #LI-CL1 We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
This role is designed for a hands-on engineer who will lead and support secure, scalable cloud and identity solutions across enterprise platforms. You will work closely with architecture, security, and operations teams to design, deploy, and maintain identity systems, API integra...
The Principal Technical Consultant (PTC) Identity Focused Security Architect is a hands-on delivery leader who designs and leads identity solution implementations in client environments. This role is not purely advisory. You will own identity workstreams end to end, driving archi...
Principal Product Security Architect
Lumen TechnologiesLumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress. We’re looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. Background Screening If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. Equal Employment Opportunities We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. Disclaimer The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions.
This senior technical leadership role is responsible for researching, designing, prototyping, and operationalizing advanced security solutions for Lumen’s Managed and Professional Security Services portfolio. The architect will drive innovation to create market-ready cybersecurity offerings supporting the end-to-end lifecycle from design through SOC operations.
The Security Consultant plays a key role in implementing and enabling Tenable’s Exposure Management solutions to help organizations effectively manage and reduce cyber risks. This role onboards Tenable technologies, following industry standards and best practices, to deliver cust...
