System Security Engineer
Pune, India
Arrow Electronics
Experience:
5–8 years
Key Skills:
• Proficient in using Metasploit, Nmap, and Kali Linux for penetration testing
• Strong experience with firmware analysis tools such as Binwalk and Ghidra
• Knowledge of Linux hardening and secure configuration practices
• Familiarity with vulnerability scoring systems (CVSS) and CVE tracking
• Experience with patch verification and secure update testing
• Skilled in reverse engineering firmware images
• Proficient in scripting languages (Python, Bash) for automation
• Knowledge of embedded operating systems (Yocto, OpenWRT)
• Understanding of secure boot and rollback mechanisms
• Experience with static and dynamic vulnerability assessments
• Familiarity with hardware debugging interfaces (JTAG, UART)
• Ability to document findings and prepare technical reports
• Knowledge of SBOM analysis and patch management processes
• Ability to collaborate effectively with senior engineers
• Strong problem-solving and analytical skills
Responsibilities:
• Execute comprehensive VAPT on firmware and embedded OS components
• Conduct vulnerability scans and manual security testing on target devices
• Validate secure update, patch management, and rollback mechanisms
• Identify and document security misconfigurations and vulnerabilities
• Develop and execute test cases for detecting firmware-level vulnerabilities
• Perform both static and dynamic analysis on embedded systems
• Assist in reverse engineering of firmware to uncover potential exploits
• Support incident response and remediation efforts through detailed reporting
• Maintain and update test scripts and methodologies based on emerging threats
• Document test results and provide clear remediation recommendations
• Collaborate with System Security Lead on follow-up testing and validation
• Assist in training junior team members on system security best practices
• Ensure all testing aligns with RED 18031 and regulatory standards
• Provide regular status updates and technical reports to management
• Contribute to continuous improvement of the overall VAPT process
Qualifications & Certifications:
• Bachelor's degree in Computer Engineering, Cybersecurity, or related domain
• Preferred: CEH, CompTIA PenTest+, or equivalent certifications
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Bash CEH CompTIA CVSS Exploits Ghidra Incident response Kali Linux Metasploit Nmap Pentesting Python Reverse engineering SBOM Scripting Vulnerabilities Vulnerability scans
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.