IOT Vulnerability Researcher

About Globals:

Globals has drastically grown from a small home office to a globally recognized enterprise offering world-class quality solutions on Cybersecurity, ERP Systems, Predictive Analytics, and Enterprise Application Development for various industries including Defence, Education, Government, Financial Services and Transport Industries. Globals has enabled its customers to be game-changers in their industry through its disruptive and innovative solutions.

Globals is certified as a "Great Place to Work" organization for its great work culture that helps its team members manage work-life, have dedicated hours to upskill and reskill themselves, and most important to ensure that the projects that they are working on are always unique, challenging their status quo every time. Our unique work culture has made us one of the world’s fastest-growing technology companies as recognized and featured by The Economist.

Our excellence in technical stewardship and service-offering expertise has facilitated our clients ranging from individual entrepreneurs to Fortune Global 500 – to explore new business opportunities, reduce their operational costs significantly and boost their revenues. Today, Globals enjoys a strong position in the industry as a high-performing leader through its technology innovation and remarkable domain expertise.

Globals is a CMMI Level 3 certified company.

About the Job Role:

As an IOT Vulnerability Researcher, you will play a crucial role in identifying and addressing security vulnerabilities within our Internet of Things (IOT) devices and systems. You will work closely with our engineering and security teams to uncover potential weaknesses, assess risks, and recommend remediation strategies. Your expertise in IOT security will contribute to the overall safety and reliability of our IOT products and services.

Key Responsibilities:

  • Conduct comprehensive security assessments of IOT devices, protocols, and networks to identify vulnerabilities, weaknesses, and potential attack vectors.
  • Utilize various tools and techniques to perform penetration testing, reverse engineering, and code analysis on IOT hardware and software components.
  • Research and stay updated on emerging threats, attack methodologies, and security trends in the IOT landscape.
  • Document and report identified vulnerabilities with detailed technical explanations, potential impact and recommended remediation strategies.
  • Assist in the development and maintenance of secure coding guidelines, standards and documentation for IOT development teams.
  • Participate in code reviews, design reviews, and discussions to ensure security considerations are integrated into IOT product development.
  • Collaborate with incident response teams to analyze and address security incidents related to IOT devices and systems.

Requirements & Skills:

  • Minimum of 1 year of professional experience in IOT security, vulnerability research, or related roles.
  • Strong understanding of IOT architecture, protocols, and security challenges.
  • Experience with hardware and software reverse engineering techniques and tools.
  • Proficiency in programming languages commonly used in IOT development (e.g., C, C++, Python).
  • Familiarity with IOT communication protocols such as MQTT, CoAP, Zigbee, Bluetooth, etc.
  • Knowledge of IOT security standards and best practices (e.g., NIST IOT Cybersecurity Framework, OWASP IOT Top Ten).
  • Hands-on experience with IOT security assessment tools such as Wireshark, IDA Pro, JTAG, etc.
  • Excellent analytical and problem-solving skills with the ability to think creatively to uncover potential vulnerabilities.
  • Effective communication skills, both written and verbal, to convey technical concepts to diverse audiences.
  • Relevant certifications such as Certified IOT Security Practitioner (CIOTSP), Certified IOT Professional (CIOTP), or similar, are a plus.
  • Knowledge of regulatory compliance standards such as GDPR, HIPAA, or industry-specific requirements is advantageous.
  • Bachelor's degree in Computer Science, Information Security or equivalent practical experience.