Job Description

Core Technical Skills

Strong programming in C/C++, with working knowledge of " Rust or Python " for tooling.
Experience with "Embedded Linux, Yocto, or RTOS" (FreeRTOS, Zephyr, QNX). Familiarity with "secure boot, firmware signing, encryption, and hardware root of trust (TPM, TrustZone, HSM)". Hands-on with "embedded communication protocols": CAN, UART, SPI, I2C, MQTT(S), CoAP, BLE, LTE, NB-IoT. Deep understanding of "public key infrastructure (PKI), TLS/DTLS, and device identity management". Knowledge of "OTA update mechanisms", firmware integrity verification, and rollback protection.
Platform & Integration Skills

Experience building or integrating with "IoT gateways, edge agents, or device management platforms". Understanding of "telemetry pipelines, data normalization, and real-time analytics feeds". Familiarity with cloud IoT platforms(AWS IoT Core, Azure IoT Hub, or GCP IoT Core).
Comfortable working with containerized services (Docker, Podman) and CI/CD pipelines for firmware. Basic understanding of microservices, message brokers (Kafka, MQTT brokers, ZeroMQ).
Security & Threat Modeling

Ability to perform embedded vulnerability analysis, fuzz testing, and binary reverse engineering (Binwalk, Ghidra, IDA). Knowledge of threat modeling (STRIDE, DREAD, or MITRE ATT&CK for IoT). Familiarity with intrusion detection, runtime behavior analysis, and telemetry anomaly detection. Awareness of secure coding practices and common vulnerabilities (CWE, CVE). Understanding of device authentication, access control, and data encryption in motion and at rest.
Testing & Tools

Experience with:

Firmware analysis tools - Binwalk, EMBA, Firmwalker. Network debugging - Wireshark, Scapy, Burp Suite, CANalyzer. Static/dynamic analysis - cppcheck, clang-analyzer, AFL fuzzers. Use of secure code review and SAST/DAST tools integrated into pipelines.
Domain & Standards Awareness

Experience in automotive, mobility, or fleet systems (telemetry boxes, ECUs, or edge gateways). Familiar with security standards: ISO/SAE 21434 (Automotive) IEC 62443 (Industrial IoT) ISO 27001 (Information Security) Understanding of functional safety & security interplay (ASIL, safety-critical architectures).
Bonus / Good-to-Have

Experience implementing embedded anomaly detection or TinyML for edge threat intelligence. Knowledge of secure OTA orchestration pipelines and rollback prevention. Hands-on with DevSecOps pipelines for firmware builds. Exposure to compliance mapping or security posture scoring systems. Certifications like GICSP, CEH, OSCP, or ISO 21434 Practitioner.
Soft Skills

Analytical and methodical approach to debugging and risk evaluation. Cross-functional communication with hardware, software, and cloud teams. Documentation mindset: ability to write threat models, test reports, and remediation steps. Proactive learning in fast-evolving IoT security standards.
Job Type: Full-time

Pay: ₹346,542.17 - ₹1,421,039.80 per year

Work Location: In person