Experienced Penetration Tester with Expertise in IOT

Location: Tel Aviv

Other locations: Primary Location Only

Date: Apr 25, 2024

Requisition ID: 1476130

Who Are We?

EY Advanced Security Center is a global leader in information security services. As part of Ernst & Young's worldwide network, we are in Tel Aviv. EY has been home to some of the world's best security consultants for over 15 years, creating tangible business value for our clients through their technical expertise. Among our clients, you will find governments, countries, financial institutions, utility companies, blue-chip firms, and many others.

Our employees are at the forefront of the information security field, with best practices in penetration testing, thorough research, homegrown tools, and more.

Position Overview:

As a Pentester with expertise in IoT security, you will play a crucial role in identifying and addressing potential vulnerabilities in pentesting IoT projects and medical devices. The ideal candidate will have a minimum of 2 years of hands-on experience in penetration testing and a background in pentesting IoT devices.

Responsibilities:

Conduct comprehensive penetration tests on different types of system and technologies, with a specific emphasis on IoT devices.

Identify and exploit security vulnerabilities on thick client/mobile applications and also on products like IoT or medical devices.

Assess the security of embedded systems, firmware, and IoT protocols.

Provide detailed reports and recommendations for mitigating identified risks, especially in the IoT context.

Stay up-to-date with the latest cybersecurity trends and threat landscapes, particularly in the rapidly evolving IoT domain.

Requirements:

Minimum of 2 years of proven experience in penetration testing (Web, Mobile, Thick Client).

Minimum of 1 year of Reverse engineering, using tools like IDA, Ghidra, Qemu.

In-depth knowledge of IoT security protocols, standards, and best practices.

Hands-on experience with Penetration testing on IoT devices, including embedded systems and firmware.

Familiarity with common IoT communication hardware protocols (e.g., SPI, UART) and Radio Frequencies (e.g. WiFi, BLE, Zigbee).

Understanding of hardware security considerations in IoT devices.

Knowledge of IoT-specific vulnerabilities and attack vectors.

Provider	Description	Enabled
AddThis	Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Cookie Information Privacy Policy Terms and Conditions
LinkedIn	LinkedIn is an employment-oriented social networking service. We use the Apply with LinkedIn feature to allow you to apply for jobs using your LinkedIn profile. Opting out of LinkedIn cookies will disable your ability to use Apply with LinkedIn. Cookie Policy Cookie Table Privacy Policy Terms and Conditions
Google Analytics	Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Cookie Information Privacy Policy Terms and Conditions
Google Tag Manager	Google Tag Manager is a tag management system for conversion tracking, site analytics, remarketing, and more. Privacy Policy Terms and Conditions

Experienced Penetration Tester with Expertise in IOT

Job description