System Security Engineer

Position:System Security Engineer

Job Description:

Experience:

5–8 years

Key Skills:

• Proficient in using Metasploit, Nmap, and Kali Linux for penetration testing

• Strong experience with firmware analysis tools such as Binwalk and Ghidra

• Knowledge of Linux hardening and secure configuration practices

• Familiarity with vulnerability scoring systems (CVSS) and CVE tracking

• Experience with patch verification and secure update testing

• Skilled in reverse engineering firmware images

• Proficient in scripting languages (Python, Bash) for automation

• Knowledge of embedded operating systems (Yocto, OpenWRT)

• Understanding of secure boot and rollback mechanisms

• Experience with static and dynamic vulnerability assessments

• Familiarity with hardware debugging interfaces (JTAG, UART)

• Ability to document findings and prepare technical reports

• Knowledge of SBOM analysis and patch management processes

• Ability to collaborate effectively with senior engineers

• Strong problem-solving and analytical skills

Responsibilities:

• Execute comprehensive VAPT on firmware and embedded OS components

• Conduct vulnerability scans and manual security testing on target devices

• Validate secure update, patch management, and rollback mechanisms

• Identify and document security misconfigurations and vulnerabilities

• Develop and execute test cases for detecting firmware-level vulnerabilities

• Perform both static and dynamic analysis on embedded systems

• Assist in reverse engineering of firmware to uncover potential exploits

• Support incident response and remediation efforts through detailed reporting

• Maintain and update test scripts and methodologies based on emerging threats

• Document test results and provide clear remediation recommendations

• Collaborate with System Security Lead on follow-up testing and validation

• Assist in training junior team members on system security best practices

• Ensure all testing aligns with RED 18031 and regulatory standards

• Provide regular status updates and technical reports to management

• Contribute to continuous improvement of the overall VAPT process

Qualifications & Certifications:
• Bachelor's degree in Computer Engineering, Cybersecurity, or related domain
• Preferred: CEH, CompTIA PenTest+, or equivalent certifications

Location:IN-GJ-Ahmedabad, India-Ognaj (eInfochips)

Time Type:Full time

Job Category:Engineering Services