Senior Cyber Security/ Penetration Test Engineer - United Kingdom
Want to know company name or location? Company managed [?]
- Our company is a global provider of pioneering engineering, research and test services to the automotive, defense, aerospace and rail sectors.
- We work in close collaboration with vehicle manufacturers and suppliers around the world, providing comprehensive support ranging from individual product tests to turnkey engineering design, development and build programmes.
- With over 70 years’ experience in developing some of the world’s most iconic vehicles, our engineers utilise the latest test facilities and simulation tools to make vehicles and journeys safer, cleaner, more efficient and rewarding.
- The Systems and Safety team are responsible for the deployment of functional safety, systems engineering and cyber security expertise and tools across the business to deliver internal and external projects.
- These projects can involve a combination of engineering, consultancy, analysis, training, audit and assessment either directly to external customers or for internal product developments. Our portfolio covers all domains of land-based transportation including automotive, commercial, off-highway and defence applications.
- With customers ranging from global vehicle manufacturers down to part-level suppliers, we take a pragmatic approach to scaling international standards and good engineering practice to an appropriate level for the individual client.
- We are now looking for a Senior Cyber Security/ Penetration Test Engineer to join our busy team.
- Commercial penetration testing in the information technology and/or internet of things domain
- Commercial-off-the-shelf embedded operating systems (embedded Windows, Linux, QNX, Android, IOS… )
- WiFi and Ethernet networks: monitoring and attacking
- Bluetooth, NFC or other wireless networks: monitoring and attacking
- USB subsystems and manipulation
- DAB radio services and implementation
- Deployment of over-the-air updates
- Commonplace tools such as SDR
- Writing attack code/malware
- Internet / cloud security
- Mobile security (smartphone integration, CarPlay, etc)
- Code analysis (reverse engineering binary code)
- Threat modelling
- Frameworks such as Metasploit
- Software attacks such as SQL injection
- A strong experience in orchestrating structured attacks and recording data in a systematic way
- Be capable of delivering a high standard of technical writing
- Be capable of presenting technical information confidently to customers
- Be a self-starter and able to execute designated tasks accurately and within timing and budget constraints
- Have well-developed analytical skills – rigorous but pragmatic, being able to justify decisions with solid rationale
- Have good interpersonal skills – a consensus-builder not confrontational
- Be capable of technically coordinating a small group of engineers
- Good first degree (minimum 2:1) in electrical/electronic engineering, IT system, computer sciences or other relevant related discipline
Desirable qualifications for this role would include:
- Higher degree (relevant M.Sc, Eng D or Ph.D)
- Corporate membership of an engineering institution including Chartered Engineer qualification
- Relevant vocational courses (certified IT professional courses for example)
- The candidate should be willing to travel and work flexibly:
- The job is likely to involve periods of 1 week at a time spent overseas approximately 3 or 4 times per year.
- The job may also involve extended placements at customer facilities requiring travel within the UK for 1 to 3 days per week.
- Additionally, the candidate should be willing to engage in the security clearance process and work on defense related projects.