Offensive Embedded Security Engineer - Vulnerability Research - Red Team

Leading the future in luxury electric and mobility At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.   We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.   Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.

Role:  Offensive Embedded Security Engineer - Vulnerability Research - Red Team

Role Overview:

We are seeking an Embedded Security Engineer with a deep understanding of firmware and Linux-based embedded systems, who can reverse-engineer code, develop fuzzing tools, and conduct in-depth vulnerability research. The ideal candidate will be well-versed in ARM instructions, taint analysis, and have fundamental knowledge of emulation tools like QEMU. Automotive experience is a plus.

Key Responsibilities:

1. Firmware Analysis & Reversing
• Examine embedded firmware (including Linux-based) at both high- and low-levels to identify security weaknesses.
• Disassemble and reverse-engineer ARM code using tools such as IDA Pro, Ghidra, or Binary Ninja.
2. Vulnerability Research & Exploitation
• Develop and implement custom fuzzing frameworks targeting embedded systems.
• Conduct taint analysis to trace data flow and isolate security-critical functions.
• Discover, document, and demonstrate vulnerabilities, providing clear remediation strategies.
3. Emulation & Testing
• Utilize QEMU or similar emulation platforms to recreate hardware environments for testing and analysis.
• Integrate emulated targets into CI/CD pipelines for continuous vulnerability scanning.
4. Automation & Tooling
• Create specialized scripts and tools to streamline firmware extraction, binary analysis, and fuzzing processes.
• Automate complex testing routines to optimize security assessment workflows.
5. Cross-Team Collaboration
• Work closely with hardware, software, and broader security teams to share findings, guide secure development practices, and implement fixes.
• Collaborate with automotive specialists to adapt research methods for vehicle control units (ECUs) and other automotive platforms.
6. Research & Knowledge Sharing
• Keep abreast of emerging trends and techniques in embedded security, sharing insights with the team.
• Participate in security conferences, workshops, or internal training sessions to foster a culture of learning and continuous improvement.

Required Qualifications:

• Education & Experience
• Bachelor’s degree in Computer Science, Electrical Engineering, or a related field is required.  Master’s degree or higher education is preferred. 
• Proven track record in embedded systems security, vulnerability research, and exploit development.
• Technical Skills
• Firmware Analysis: Experience with both bare-metal and Linux-based firmware, capable of navigating U-Boot, BusyBox, and similar environments.
• Reverse Engineering: Familiarity with ARM instruction sets and disassembly/reversing tools (IDA Pro, Ghidra, Binary Ninja).
• Fuzzing & Taint Analysis: Demonstrated ability to design custom fuzzers and perform data flow/taint analysis.
• Emulation: Hands-on experience using QEMU or similar tools to emulate embedded hardware and software.
• Scripting & Programming: Proficiency in Python, C/C++, or other languages relevant to firmware analysis and exploit creation.

Salary Range: The compensation range for this position is specific to the locations listed below and is the range Lucid reasonably and in good faith expects to pay for the position taking into account the wide variety of factors that are considered in making compensation decisions, including job-related knowledge; skillset; experience, education and training; certifications; and other relevant business and organizational factors.   Additional Compensation and Benefits: Lucid offers a wide range of competitive benefits, including medical, dental, vision, life insurance, disability insurance, vacation, and 401k. The successful candidate may also be eligible to participate in Lucid’s equity program and/or a discretionary annual incentive program, subject to the rules governing such programs.  (Cash or equity incentive awards, if any, will depend on various factors, including, without limitation, individual and company performance.)Base Pay Range (Annual)$154,000—$211,750 USD

By Submitting your application, you understand and agree that your personal data will be processed in accordance with our Candidate Privacy Notice. If you are a California resident, please refer to our California Candidate Privacy Notice.

To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes.