Iot security researcher

Posted: July 6, 2020, 10:59 a.m. - Full Time - Pune

Are you passionate about breaking the hardware? Are you someone who eats, drinks, breathes, and dreams security? If yes, then Payatu is the place for you. We are always in search of passionate people to expand our renowned Bandit family at Payatu.

In the quest for Bandits, we are looking for individuals passionate about breaking IoT products to join our esteemed team. Here is an excellent opportunity we would like to share with you.

What we look for

1. Your expertise is your primary qualification, not your degree or certification
2. Your publicly known contributions are your credentials
3. Papers you have written, tools you have developed are your references
4. Your write-up reflects your interests and ethics
5. Your published exploits, your CTF scores and hall of fame listings are the testimonies of your work
6. Your research papers published and presented at conferences
7. You are learning from the community and enthusiastically contributing back

What you will do:

1. Reverse Engineer circuits
2. Identify debug interfaces and components on boards
3. Extract firmware from black box hardware
4. Back your findings with Proof-of-concept exploits
5. Collect evidence and maintain a detailed write-up of the findings
6. Explain and demonstrate vulnerabilities to system owners
7. Provide appropriate remediation and mitigations of the identified vulnerabilities
8. Individually or collaboratively review the system designs, source code, configurations, communications for security gaps.
9. Deliver results within stipulated timelines.
10. Sharpen your saw with continuous research, learning, training on the latest tools and techniques, keeping up with new research and sharing the same with the ecosystem.
11. Communicate well using verbal and written skills, within and out of the team

The technical skill you should have:

1. Stronghold on reverse engineering ARM/MIPS/x86 code
2. Stronghold on Android/iOS security
3. Good command of at least one programming language
4. Knowledge of radio chips and protocols
5. Understanding of Web/Mobile/Cloud application security concept would be plus

You should apply if:

1. You have Passion for making and breaking hardware
2. You have a history of publishing or presenting good research
3. You have the knack of finding security bugs in everything you touch
4. You like writing tools
5. You like automating stuff
6. You have excellent written and verbal communication skills and the ability to express your thoughts clearly
7. You have the skill to articulate and present technical things in business language
8. You can work independently as well as within a team and meet project schedule and deadlines
9. You have strong problem solving, troubleshooting and analysis skills
10. You are passionate about your area of expertise and self-driven
11. You are comfortable working in the dynamic and fast-paced work environment
12. You are Self-driven, proactive, hardworking, team-player
13. You are working on something on your own in your field apart from official work.