Cybersecurity Test Engineer (Penetration Tester)

Hybrid in Zeeland, MI is preferred but we can consider remote candidates as well. Familiarity with ISO 21434 is mandatory.Job Description:Key Skills & Qualifications: Strong experience with penetration testing methodologies (e.g., OWASP, MITRE ATT&CK, PTES). Proficiency in network protocols and analysis tools (e.g., Wireshark, Scapy, Burp Suite, CANoe). Familiarity with automotive communication technologies, including CAN, LIN, Ethernet, UDS, DoIP. Knowledge of wireless protocols (e.g., Bluetooth, Wi-Fi, LTE) and associated security risks. Understanding of FOTA architecture, security layers, and update mechanisms. Experience with threat modeling, fuzz testing, and exploit development. Familiarity with ISO 21434, UNECE WP.29, or similar regulatory standards. Programming/scripting knowledge (e.g., Python, C/C++, Bash) is a plus. Job Responsibilities:Key Responsibilities: Perform penetration testing on wired (e.g., CAN, Ethernet) and wireless (e.g., Wi-Fi, Bluetooth, LTE) communication interfaces used for FOTA updates. Analyze system architecture and communication flows to identify potential attack surfaces. Simulate real-world cyberattacks and intrusion attempts to assess system resilience. Conduct threat modeling and risk assessments on FOTA-related components and interfaces.. Reverse-engineer communication protocols or firmware if necessary to identify vulnerabilities Develop and execute custom test scripts and tools to automate exploit attempts or simulate malicious behavior. Document vulnerabilities with detailed proof-of-concept (PoC), severity ratings, and recommendations for mitigation.. Collaborate with engineering teams to define and validate security requirements during the design and development phases. Support compliance with relevant automotive cybersecurity standards (e.g., ISO/SAE 21434, UNECE WP.29 R155). Participate in security reviews, audits, and technical workshops with internal and external stakeholders. Department/Project Description:Function Overview We are seeking a skilled Penetration Tester to perform in-depth cybersecurity testing and vulnerability assessments on wired or wireless communication interfaces used in FOTA (Firmware Over-the-Air) update systems within automotive environments. The role involves identifying security risks, simulating attack scenarios, and validating countermeasures to ensure robust protection against external threats.

Created: 2026-03-04