Product and Hardware Security Penetration Tester

Duties/Responsibilities

Dark Wolf Solutions is actively seeking an experienced Product and Hardware Security Penetration Tester to join our innovative team. This individual will play a critical role in assessing and enhancing the security of various products, including hardware, software, and embedded systems. This role demands a deep understanding of penetration testing methodologies and advanced exploit development, focusing on identifying and mitigating vulnerabilities across a wide range of technologies. As a Senior Product and Hardware Security Penetration Tester, you will have the chance to work on cutting-edge technologies and contribute to the enhancement of security across a wide range of products. If you possess a strong background in penetration testing and a passion for cybersecurity, we encourage you to apply for this pivotal role. This position is set to be supported in a hybrid work environment out of Colorado Springs, CO. Key responsibilities include, but are not limited to:

• Conducting comprehensive penetration testing on hardware, software, and network components.
• Performing advanced vulnerability scanning and assessments on all components.
• Performing a Cybersecurity evaluation of the product under test to identify vulnerabilities that would negatively impact the Confidentiality, Integrity, or Availability of system data or functionality.
• Opining on the impact and level of effort required to exploit the identified vulnerabilities as well as provide information on a high-level remediation strategy.
• Testing more complex technologies and guiding junior testers through more advanced testing scenarios.
• Articulating higher-order impacts of identified vulnerabilities.
• Informing the client in writing and verbally of how the identified vulnerabilities can be chained together to create a cyber “kill-chain”.
• Ensuring quality control on all artifacts generated during the penetration testing process.
• Analyzing software, firmware, hardware, and/or RF components within the system.
• Developing and executing exploits and proof-of-concept (PoC) attacks to demonstrate the impact of identified vulnerabilities.
• Analyzing and reverse engineering firmware and embedded systems to identify security weaknesses.
• Testing and assessing the security of secure boot processes and Trusted Execution Environments (TEE).
• Conducting web application security assessments, focusing on OWASP Top Ten vulnerabilities and API security testing.
• Performing manual verification of vulnerabilities, assessing their risk and exploitability.
• Engaging in wireless and RF security testing, including penetration testing on Wi-Fi, Bluetooth, and Zigbee networks.
• Utilizing Software Defined Radio (SDR) for protocol reverse engineering and testing.
• Reporting detailed findings and providing actionable recommendations for remediation to enhance product security.
  
  

Required Qualifications

• 10 years’ experience in penetration testing and vulnerability assessment (for Senior level).
• 3 years for junior to mid-.level.
• Proficiency in firmware analysis, reverse engineering, and binary exploitation.
• Experience in web application security testing and API security assessments.
• Hands-on experience with wireless and RF security testing.
• Advanced knowledge of Software Defined Radio (SDR) and protocol reverse engineering.
• US Citizenship and clearable at a minimum of the Secret Level
  
  

Desired Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• Proven ability to develop and execute complex exploits and PoC attacks.
• Strong analytical skills and experience in firmware and embedded systems testing.
• Effective communication skills, with the ability to present findings and recommendations clearly.
• Certifications such as OSCP, PNPT, GPEN or similar are highly desirable.
  
  

This position is located in Colorado Springs, CO. The salary range for the senior level is estimated to $170,000.00 - $210,000.00 commensurate on experience and technical skillset. The estimated salary range for junior to mid-level is $120,000.00 - $160,000.00. Potential for 1099 with caveat.

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.