29 Fuzzing Jobs - Page 2

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities: • Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements. • Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity. • Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces. • Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle. • Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular). • Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules. • Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification. • Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning. • Lead red team exercises and security reviews in coordination with product security and development teams. • Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262. • Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: • Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis. • Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces. • Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular. • In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications. • Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments. • Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434. • Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards. • Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering. • Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment. • Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams. • Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information: • 7+ years’ experience implementing and performing Automotive Cybersecurity • This position is based at our Bengaluru office • A 15-year full time education is required • Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Engineer, you will implement and validate security controls across in-vehicle systems, ensuring protection of ECUs, telematics units, and connected vehicle infrastructure. You will contribute to threat modeling and diagnostics hardening efforts, support penetration testing activities, and document the integration of cybersecurity measures in alignment with regulatory and technical requirements. Roles & Responsibilities: • Support the development and implementation of cybersecurity controls across ECUs, telematics systems, and in-vehicle networks in alignment with ISO/SAE 21434 and company CSMS. • Participate in security architecture and design reviews, contributing to the definition and validation of security requirements for embedded vehicle systems. • Conduct and document threat modeling and risk assessments using methodologies such as HEAVENS, STRIDE, and custom attack graphs. • Perform penetration testing and intrusion validation on in-vehicle protocols including CAN, DoIP, and Ethernet, as well as wireless interfaces such as Bluetooth and Wi-Fi. • Assist in the execution of fuzz testing and vulnerability analysis using tools like CANoe, Wireshark, Scapy, and Python-based custom scripts. • Contribute to the validation of secure boot mechanisms and assist in reverse engineering activities to verify firmware security compliance. • Work with software and hardware teams to analyze security issues, identify root causes, and define corrective actions and mitigations. • Maintain operational documentation, including test procedures, vulnerability logs, and mitigation tracking in compliance with regulatory requirements. • Collaborate with cross-functional teams to integrate secure diagnostics, access control strategies, and key management protocols. • Participate in internal assessments and support audit readiness for cybersecurity compliance frameworks such as UNECE WP.29 and ISO 26262. Professional & Technical Skills: • Experience supporting in-vehicle cybersecurity programs with 8+ years in embedded or automotive systems development, including 3–4 years focused on penetration testing, diagnostics security, or secure ECU architecture. • Hands-on experience conducting security testing and vulnerability assessments on vehicle communication interfaces such as CAN, DoIP, and Ethernet, as well as wireless protocols including Bluetooth, Wi-Fi, and cellular. • Strong working knowledge of UDS diagnostics (ISO 14229), secure diagnostics access control, and protocol fuzzing techniques to uncover vulnerabilities in ECUs and vehicle gateways. • Proficiency with security testing tools and platforms such as CANoe, Wireshark, Scapy, Python, and Ghidra for traffic analysis, custom scripting, and reverse engineering. • Familiarity with cryptographic principles and practical usage of cryptographic libraries (e.g., OpenSSL, mbedTLS) and hardware security modules (HSM) for secure key storage, boot processes, and firmware authentication. • Experience supporting OTA (Over-the-Air) update platforms and ensuring their secure integration using encryption, authentication, and rollback protection mechanisms. • Exposure to cybersecurity development in Agile-based or V-model automotive environments, working collaboratively with software, systems, and validation teams. • Knowledge of regulatory and compliance standards relevant to automotive cybersecurity, including ISO/SAE 21434, UNECE WP.29 (R155/R156), and functional safety (ISO 26262). • Ability to document test cases, generate detailed security analysis reports, and provide engineering teams with clear recommendations and follow-up actions for mitigation. • Demonstrated problem-solving skills and the ability to troubleshoot complex issues related to embedded systems security, communication integrity, and control system protection. Additional Information: • 5+ years’ experience implementing and performing Automotive Cybersecurity • Experience with AUTOSAR (Classic/Adaptive), ECU firmware security, or secure telematics units. • This position is based at our Bengaluru office • A 15-year full-time education is required • Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities: • Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations. • Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis. • Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues. • Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations. • Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance. • Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes. • Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms. • Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: • 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices. • Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation. • Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness. • Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services. • Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434. • Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers. • Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals. • Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering. • Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms. • Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information: • 3+ years’ experience implementing and performing Automotive Cybersecurity • Knowledge of tools like CANoe, Wireshark, or Ghidra. • Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules. • This position is based at our Bengaluru office • A 15-year full-time education is required • Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP 15 years full time education

Job Title:- Penetration Tester We are looking for Penetration Tester to join our security team & who will be responsible for Web & Mobile VAPT. Job Description : Qualysec Technologies is seeking a skilled and highly motivated Penetration Tester to join our fabulous security team in Bhubaneswar. The Penetration Tester will be mainly responsible for performing security testing of Web & Mobile applications including identifying, evaluating, and exploiting vulnerabilities in various systems, networks, and applications. Qualification :- Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. Experience :- 0 to 1 years Location :- Bhubaneswar Job Type :- Full Time Responsibilities Perform vulnerability assessments & penetration testing (VAPT) on Web, APIs and mobile applications Identify and exploit vulnerabilities in products under test prepare reports by documenting identified issues based on internal templates Collaborating with other team members to improve the overall security posture of our clients. Enhance technical skills & knowledge by Staying up-to-date with emerging threats and vulnerabilities Skills Required Knowledge in penetration testing, vulnerability assessment, and ethical hacking. Knowledge in Pentesting of various applications i.e Web, Mobile (Android & iOS), APIs, Cloud (AWS / Azur )etc. Strong knowledge of security assessment tools such as Metasploit, BurpSuite, ZAP, OWASP tools, Kali Linux tools and Fuzzing tools Hands-on experience with manual and automated penetration testing methodologies. Experience in working with Standards such as NIST, OWASP, MITRE CWE etc. Strong understanding of network protocols, operating systems, and web application technologies. Excellent written and verbal communication skills, with the ability to clearly document and communicate findings and recommendations. About Us Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats. With over four years of experience, we take pride in having served more than 150 clients across 21 countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success. Job Type: Full-time Schedule: Day shift Note: Preference will be given to Odisha candidates. Job Types: Full-time, Permanent Schedule: Day shift Ability to commute/relocate: Bhubaneshwar, Orissa: Reliably commute or planning to relocate before starting work (Preferred) Application Question(s): Do you have completed any Ethical hacking course and Internship? Education: Bachelor's (Preferred) Location: Bhubaneshwar, Orissa (Required) Work Location: In person