Inmar logo
Inmar4 months ago

Product Security Engineer

$110,926–$184,877 year

On-site · Winston-Salem, North Carolina, United States

Type
Full Time
Level
Mid Level
Education
Bachelors Degree
Company size
Unknown

Job Summary

The Product Security Engineer conducts comprehensive security assessments on mobile applications, IoT hardware/firmware, compiled software, and browser extensions. This role involves identifying vulnerabilities, performing reverse engineering, and penetration testing. The engineer collaborates with cross-functional teams to enhance security measures and manage third-party risks. Requires a Bachelor's degree in a related field and 5-7 years of relevant experience. Proficiency in using security analysis tools and a strong understanding of binary file formats is essential. Strong communication skills are important for documenting findings and providing security recommendations.

Required Qualifications

  • Bachelors of Science in a related field, such as Computer Science, Electrical Engineering, or Cyber Security.
  • 5-7 years of relevant experience in software exploitation, reverse engineering, malware analysis, or a related field; or any equivalent combination of experience and training that provides the required knowledge, skills, and abilities needed to complete the primary job responsibilities.
  • Proficient in using debuggers, decompilers, and disassemblers to analyze code for vulnerabilities across various CPU architectures, including ARM and RISC-V.
  • Strong understanding of binary file formats like PE, ELF, and Mach-O, enabling analysis of applications for security flaws.
  • Skilled in low-level data extraction and analysis using tools like QEMU and Verilog to identify and verify vulnerabilities through emulation.
  • Knowledgeable about Linux loaders, binary packing, and embedded systems tools such as BusyBox, binwalk, and u-boot.
  • Experienced in capturing and analyzing network traffic, including using tools like tcpdump and Scapy to dissect proprietary protocols.
  • Experienced in BOM enumeration and leveraging tools like CycloneDX for inventory and risk assessment.
  • Strong analytical and problem-solving skills, with a keen eye for identifying and mitigating security risks.
  • Excellent communication skills for documenting findings, providing security recommendations, and effectively disclosing vulnerabilities to technical and non-technical audiences.

Desired Qualifications

  • Prior experience working in cybersecurity research or security assessment functions.
  • Experience with application security testing and associated static and dynamic analysis tools.
  • Knowledge of cryptographic principles and secure coding practices.
  • Familiarity with security assessment frameworks and compliance standards.
  • Prior experience with radio signals analysis and associated security hardening methodologies.

Additional Requirements

  • This position is not eligible for student visa sponsorship, including F-1 OPT or CPT. Candidates must have authorization to work in the U.S. without the need for employer sponsorship now or in the future.
Sorce

Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.

Hiring someone like this?

Get your role in front of qualified candidates on Sorce.

Get started

$111k – $185k / yr

Product Security Engineer · Inmar

Apply on Sorce