Automotive Penetration Tester

Type: Full-time Work Location: On-site at customer locations (India) Compensation: ₹15–20 LPA (fixed) + travel as applicable Experience: 3–7 years (flexible based on skills)Role OverviewWe are hiring an Automotive Cybersecurity Evaluator / Assessor to execute hands-on security assessments of automotive ECUs and connected vehicle components at customer sites. The role focuses on technical testing (black-box/white-box), evidence-driven reporting, and supporting compliance-aligned security assessment outputs.Key ResponsibilitiesPerform ECU and system security assessments across hardware, firmware, diagnostics, and vehicle networks.Evaluate attack surfaces including UART/JTAG/SWD, SPI/I2C, boot/debug access, and production hardening controls.Test CAN/CAN-FD, LIN, and diagnostics including UDS security access and flashing/reprogramming flows (DoIP/Auto Ethernet is a plus).Conduct firmware and binary analysis: extraction, filesystem/service/config review, secrets, crypto misuse, insecure update/signature checks, and security-critical logic review.Produce customer deliverables: attack surface map, test plan/coverage, prioritized findings with evidence, remediation guidance, and retest/validation notes.Contribute to compliance-oriented evidence packages (familiarity with ISO/SAE 21434 and UNECE R155/R156 preferred).Required Skills & Qualifications3+ years in automotive/embedded/device security assessments or vulnerability research with strong hands-on work.Practical experience with ECU interfaces, diagnostics, and firmware reversing.Proficiency with reverse engineering tools (Ghidra/IDA/Binary Ninja) and basic embedded Linux/ELF understanding.Strong documentation and stakeholder communication skills; able to work independently in customer lab environments.DoIP, Automotive Ethernet, protocol fuzzing, secure boot/update mechanism evaluation, hardware security exposure.Scripting for automation (Python/Bash).Company DescriptionArkcore is a cybersecurity-focused company dedicated to securing firmware and embedded systems by design. With expertise in firmware security, embedded system security, and real-world vulnerability research, Arkcore helps enterprises identify and remediate vulnerabilities that traditional tools fail to detect. Our cutting-edge platform, Panopticon, provides real-time threat visibility, automated firmware analysis, and seamless compliance with global cybersecurity regulations. Leveraging advanced threat intelligence and actionable insights, we empower organizations to protect connected devices across industries and product lifecycles. Our mission is to enable comprehensive firmware security, fostering trust and operational resilience in an increasingly connected world.Note: Please apply if you possess the skill set and have experience on them.Email us your CV:

Apply Now