Finite State

Finite State is a computer and network security company that is on a mission “to protect the devices that power our modern lives.” The company strives to foster an empathetic,

IoT / ICS / OT Penetration Tester

Location

United States

Posted

40 days ago

Salary

0

Seniority

Mid Level

Job Description

Role Description

Finite State is seeking an experienced IoT / ICS / OT Penetration Tester to join our growing Services team. In this role you will conduct hands-on security assessments of connected devices, embedded systems, industrial control systems, and automotive platforms on behalf of our customers. You will combine deep hardware and firmware expertise with a consultative mindset to deliver clear, actionable findings that help manufacturers and operators understand and reduce risk.

Responsibilities

- Plan and execute penetration tests and security assessments against IoT, ICS/OT, and automotive targets, including connected consumer devices, industrial controllers, and automotive ECUs and telematics units.
- Perform hardware interaction and firmware extraction using techniques such as JTAG, SWD, UART, SPI, I2C, eMMC, and NAND flash dumping; solder and rework PCBs as needed to gain access to debug interfaces.
- Conduct firmware reverse engineering using tools such as Ghidra and Binary Ninja to identify vulnerabilities including memory corruption, authentication bypasses, hard-coded credentials, and insecure update mechanisms.
- Assess wireless protocols common in IoT and automotive environments, including Bluetooth / BLE, Zigbee, Z-Wave, Wi-Fi, Cellular (LTE/5G), CAN bus, LIN, and automotive Ethernet.
- Perform source code review, primarily in C, C++, and related embedded languages, to identify security weaknesses in firmware and embedded software.
- Conduct supply chain and software composition analysis, including SBOM review and analysis of third-party open-source components, to identify known vulnerabilities and license risks.
- Evaluate customer products and programs for compliance with relevant regulations and standards, including EN 303 645, the EU Cyber Resilience Act (CRA), EU Radio Equipment Directive (CE RED), UNECE WP.29 / ISO 21434 for automotive, and the US IoT Cyber Trust Mark.
- Produce high-quality written reports that clearly communicate technical findings, risk ratings, and remediation guidance to both technical and executive audiences.
- Leverage AI-powered security tooling and LLM-assisted workflows to accelerate analysis, triage, and reporting; maintain awareness of evolving AI capabilities relevant to embedded security research.
- Collaborate with the product, engineering, and research teams to feed pentesting findings back into the Finite State platform and improve detection capabilities.
- Support customer-facing engagements including scoping calls, technical debriefs, and remediation follow-up.
- Contribute to internal knowledge sharing, tooling development, and methodology improvement.
- Participate in industry conferences, publish research, and represent Finite State externally as opportunities arise.

Qualifications

- Bachelor's degree in Computer Science, Electrical Engineering, Computer Engineering, or a related field.
- 5+ years of hands-on experience in IoT, embedded, ICS/OT, or automotive security.
- Demonstrated experience performing hardware-level security assessments: JTAG/SWD debugging, SPI/I2C/UART communication, flash memory extraction, and PCB soldering and rework.
- Proficiency with firmware reverse engineering tools, specifically Ghidra and/or Binary Ninja; ability to analyze ARM, MIPS, PPC, x86, and x64 architectures.
- Experience testing IoT and automotive wireless protocols, including BLE, Zigbee, Z-Wave, Wi-Fi, CAN bus, and cellular interfaces.
- Ability to read and review source code in C and C++ to identify memory safety issues, authentication flaws, and other security weaknesses in embedded software.
- Familiarity with SBOM concepts, formats (CycloneDX, SPDX), and the use of SBOMs in vulnerability management.
- Working knowledge of relevant regulations and standards, including at least a subset of: EU CRA, CE RED / EN 303 645, UNECE WP.29, ISO 21434, or the US IoT Cyber Trust Mark.
- Excellent written and verbal communication skills; proven ability to write clear, well-structured technical reports and present findings to diverse audiences.
- Experience with scripting and automation using Python and Bash to support tooling and workflow efficiency.
- Familiarity with AI-assisted security tooling and an interest in applying LLM-based workflows to accelerate security analysis and reporting.

Preferred Qualifications

- Hands-on automotive security experience: OBD-II assessment, ECU flashing and analysis, V2X protocols, or automotive HSM evaluation.
- Experience with industrial control system (ICS/SCADA) security assessments and familiarity with protocols such as Modbus, DNP3, EtherNet/IP, or OPC-UA.
- CVE or responsible disclosure history demonstrating original vulnerability research in embedded or IoT targets.
- Relevant certifications such as OSCP, GPEN, GICSP, or vendor-specific automotive security credentials.
- Familiarity with static and dynamic analysis platforms and SAST/DAST tooling in the context of firmware and embedded software.
- Experience with ML-based vulnerability detection models or AI-augmented reverse engineering pipelines.
- Experience working on small, fast-moving consulting or product security teams.
- Comfort operating in AWS or similar cloud environments used to support analysis pipelines or customer deliverables.

Benefits

- Be part of building the leading platform for connected device cybersecurity.
- Join a fast-moving team that values transparency, innovation and impact.
- Work fully remotely with a high degree of autonomy and ownership.
- Comprehensive benefits.
- Investment: learning stipends to support your professional development.
- Equity: share in our growth and success.
- Help solve some of the most pressing cybersecurity challenges facing connected device manufacturers and the millions of people who depend on them.
