Embedded Product Security Consultant (Contract – Fully Remote)
Location: Remote (UK/EU based preferred)
Rate: Competitive day rate
We are seeking an experienced Embedded Product Security Consultant to undertake in-depth security reviews and assessments across embedded, mobile and IoT platforms. This role involves low-level security analysis, vulnerability assessment, and providing expert guidance on secure system design for both hardware and software components.
Key Responsibilities:
* Review low-level C code (FreeRTOS, Android, Linux kernel drivers) and protocol parsers.
* Assess and advise on sandboxing and isolation policies (SELinux/SE Android, seccomp, Linux namespaces, Minijail/Firejail).
* Conduct cryptographic implementation reviews, particularly secure boot and code-signing mechanisms.
* Analyse Android applications (Java) and system-level components.
* Examine and debug ARM 32/64-bit assembly.
* Reverse engineer firmware and embedded systems.
* Carry out hardware and embedded system hacking exercises.
* Perform wireless protocol security testing (Wi-Fi, Bluetooth)
* Deliver vulnerability assessments, penetration testing, and exploit proof-of-concepts.
* Work with development teams using Git/GitHub workflows.
Essential Skills & Experience:
* Strong background in embedded security and low-level programming.
* Hands-on experience with FreeRTOS, Linux kernel drivers, and Android internals.
* Deep understanding of cryptography and secure system design.
* Proven experience in reverse engineering and vulnerability research.
* Knowledge of wireless protocol security testing.
* Excellent written and verbal communication skills.