Lead Cyber Security Test Engineer Job Description **What is the job about?** Our Digital Development teams are highly cross-functional with our business colleagues and customers setting the direction.As a Lead Cyber security Tester, you will be responsible for identifying and mitigating security vulnerabilities in embedded systems and firmware across a variety of devices, including IoT devices. You will work closely with cross-functional teams, including software engineers, hardware engineers, and security analysts, to ensure the security and resilience of our products against potential threats **Your main responsibilities:** The Lead Cyber security test engineer is, throughout the lifetime of a digital solution, accountable for: + Perform security assessments and penetration testing on embedded systems and firmware to identify vulnerabilities and weaknesses. + Develop and execute test plans, test cases, and scripts to uncover security flaws within embedded software. + Conduct static and dynamic analysis of firmware and software binaries to identify potential vulnerabilities. + Reverse engineer firmware and embedded systems to understand potential attack vectors and develop exploitation techniques. + Collaborate with development teams to remediate identified vulnerabilities and provide guidance on secure coding practices. + Develop and maintain security testing tools, scripts, and frameworks specifically tailored for embedded systems. + Keep up-to-date with the latest security trends, vulnerabilities, attack vectors, and mitigation strategies specific to embedded systems. + Prepare detailed technical reports, including proof-of-concept exploits, risk assessments, and recommendations for security improvements. + Participate in security design reviews and threat modeling for new embedded systems and devices. + Work with hardware interfaces, including JTAG, UART, SPI, and I2C, to extract firmware and assess security postures. + Conduct security research on new embedded technologies, protocols, and platforms. + Train and mentor junior team members on embedded security testing methodologies and tools. + Manage the deliverables from the Cyber security test team + Guide the team on technical aspects so that the tools can support all teams seamlessly. + Bring new innovations and ideas for Cyber security testing + Ensure cyber security tests (like penetration test, threat mitigation test, known vulnerability scanning, security requirement test) are conducted for all products + Contribute to the improvement of the Cyber security test maturity of the organization + Come up with suggestions to improve performance of the digital offerings **Your Background:** + Bachelor's degree in Computer Science, Electrical Engineering, Cybersecurity, or a related field. Equivalent experience will be considered. + Proven experience in embedded software development, reverse engineering, or penetration testing. + Strong knowledge of embedded systems architecture, operating systems, and firmware development. + Proficiency in programming languages such as C, C++, Python, and assembly. + Experience with tools such as Ghidra, IDA Pro, Binary Ninja, Burp Suite, and Wireshark. + Knowledge of various embedded communication protocols (e.g., CAN, Modbus, Zigbee, Bluetooth, etc.). + Familiarity with hardware hacking techniques, including chip-off attacks, glitching, and side-channel analysis. + Strong understanding of security principles, cryptography, and secure coding practices. + Experience with source code analysis and understanding of common software vulnerabilities (e.g., buffer overflows, format string vulnerabilities, etc.). + Excellent analytical, problem-solving, and communication skills. Relevant certifications such as CEH, OSCP, OSCE, CISSP, or GIAC Embedded Systems Security (GICSP) are a plus. Do you want to learn more? This position is based inChennai. If this sounds appealing to you, please upload your CV/resume and cover letter today via our Careers portal. If you want to dig deeper into the Grundfos universe, please visit us on LinkedIn or Youtube and to get to know some of your future colleagues and why they appreciate working at Grundfos, check out Meet our people We look forward to hearing from you. Information at a Glance **Job Details** Application deadline: Workplace: Hybrid (office and home-working) Job Location: Chennai, Tamil Nādu, India Contract Type: Full-Time Employment Type: Regular