Offensive Embedded Security - Red Team

Leading the future in luxury electric and mobility At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.   We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.   Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.

Job Title: Offensive Embedded Security - Red Team

 Position Overview:

We are seeking an experienced Offensive Security (Red Team) Engineer to lead and execute complex redteaming engagements focused on identifying and exploiting vulnerabilities across various systems and applications. You will be responsible for conducting thorough penetration tests, exploit development, and advanced security assessments—emphasizing QEMU or similar platforms for emulation and reverse engineering.

Key Responsibilities:

1. Red Team Operations & Vulnerability Discovery
• Plan, execute, and document comprehensive red team exercises.
• Discover and exploit vulnerabilities using advanced techniques and tools.
• Provide detailed mitigation strategies and recommendations for identified risks.
2. Security Assessments & Threat Modeling
• Perform security assessments, architecture reviews, and threat modeling for new and existing systems.
• Identify, prioritize, and communicate vulnerabilities and risks to relevant stakeholders.
3. Advanced Analysis & Exploitation Techniques
• Conduct static and dynamic analysis (including fuzzing) to identify and validate security weaknesses.
• Perform reverse engineering to uncover hidden or novel vulnerabilities.
• Develop and refine proof-of-concept exploits to demonstrate real-world attack scenarios.
4. Emulation & Virtualization
• Utilize QEMU or similar platforms to emulate hardware platforms and Real-Time Operating Systems (RTOS) for advanced security testing.
• Demonstrate deep knowledge of virtualization/emulation concepts such as TCG (Tiny Code Generator), intermediate representations (IR), and translation blocks.
• Customize or extend emulators to simulate specific environments for vulnerability research.
5. Collaboration & Reporting
• Partner with cross-functional teams (DevOps, product, engineering) to integrate security findings into development processes.
• Communicate technical findings effectively to both technical and non-technical audiences, providing clear remediation guidance.

Required Qualifications:

• Offensive Security Experience
• 3+ years in penetration testing, red team operations, or exploit development.
• Proficiency with standard offensive security tools, techniques, and frameworks.
• Deep Knowledge of QEMU or Similar Emulators
• Expertise in QEMU architecture, including TCG, IR translation, and runtime block execution.
• Experience tailoring emulators for security research and vulnerability analysis.
• Reverse Engineering & Analysis
• Demonstrated capability with reverse engineering tools (IDA Pro, Ghidra, Radare2) to dissect binaries, firmware, or OS components.
• Familiarity with fuzzing frameworks (e.g., AFL, libFuzzer) and static analysis methods.
• Real-Time Operating Systems (RTOS)
• Experience emulating or analyzing RTOS environments for security vulnerabilities.
• Understanding of embedded systems, firmware development, and low-level communications protocols.
• Programming & Scripting Skills
• Proficiency in languages like C/C++, Python, Assembly, or Rust.
• Solid grasp of Linux/Unix environments and common scripting tools.
• Bachelor’s degree in Computer Science, Electrical Engineering, or a related field is required. 

Preferred Qualifications:

• Master’s degree or higher education is preferred.
• End-to-End Security Approach: Familiarity with integrating security testing into the software development lifecycle.
• Cloud and Container Security: Basic understanding of cloud platforms (AWS) and container environments.
• Leadership & Mentoring: Ability to guide and mentor junior members on security best practices.

Salary Range: The compensation range for this position is specific to the locations listed below and is the range Lucid reasonably and in good faith expects to pay for the position taking into account the wide variety of factors that are considered in making compensation decisions, including job-related knowledge; skillset; experience, education and training; certifications; and other relevant business and organizational factors.   Additional Compensation and Benefits: Lucid offers a wide range of competitive benefits, including medical, dental, vision, life insurance, disability insurance, vacation, and 401k. The successful candidate may also be eligible to participate in Lucid’s equity program and/or a discretionary annual incentive program, subject to the rules governing such programs.  (Cash or equity incentive awards, if any, will depend on various factors, including, without limitation, individual and company performance.)Base Pay Range (Annual)$154,000—$211,750 USD

By Submitting your application, you understand and agree that your personal data will be processed in accordance with our Candidate Privacy Notice. If you are a California resident, please refer to our California Candidate Privacy Notice.

To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes.