Job details

Hardware Vulnerability Researcher

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, world-leading global threat research and intelligence, and continuous innovation, our cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints

With 7,000 employees across 65 countries, and the world’s most advanced global threat research and intelligence, Trend Micro enables organizations to simplify and secure their connected world.

TrendMicro.com

Location: Hybrid in our Austin, TX office is preferred, open to fully remote.

Overview:

Trend Micro is currently seeking an accomplished and skilled vulnerability researcher who specializes in hardware reversing to join our team of security researchers. The successful candidate will be responsible for analyzing and understanding the design, function, and behavior of electronic devices, circuits, and systems, as well as extracting and reversing firmware and associated applications in search of vulnerabilities. Experience with automotive systems is a plus. Additionally, the candidate will leverage the intelligence provided by our globally distributed network of vulnerability researchers to deliver both analysis and actionable guidance to the product teams inside of Trend Micro and third-party vendors. The role produces the intelligence that ensures that Trend Micro products can detect and block zero-day threats to an enterprise, and will also support the sales and marketing teams within Trend Micro through the publication of research, white papers, and blogs that will be presented at top security conferences and trade shows around the world. This is a challenging and rewarding position that requires strong analytical skills, internal drive, attention to detail, and a passion for technology security.

Responsibilities:

Analyze and understand any available schematics, the PCB layout, firmware, and software of electronic devices.
Reverse engineer and research hardware interfaces, internal busses, network protocols, firmware and software
Discover and research vulnerabilities and potential attack vectors in a wide range of hardware and software products
Develop and verify proof-of-concept files and exploit code
Produce reports describing vulnerabilities and detection of attack vectors
Implement new and improve existing tools to automate and streamline the vulnerability research process
Collaborate with other vulnerability researchers on research, analysis and report production
Monitor security industry publications, news groups and other online sources for newly discovered security vulnerabilities and emerging threats
Keep up-to-date with the latest trends and techniques in hardware reverse engineering and cybersecurity.

Qualifications:

At least 5 years of experience in hardware reverse engineering and/or cybersecurity.
Expertise in hardware reversing and vulnerability research, with an understanding of the design, function, and behavior of electronic devices, circuits, and systems.
Experience in extracting and reversing firmware and associated applications to identify vulnerabilities.
Familiarity with schematic capture and PCB layout tools such as Altium Designer, Cadence, Eagle, or KiCAD.
Experience with firmware and software reverse engineering tools such as IDA Pro, Ghidra, etc.
Familiarity with hardware security modules, secure boot, encryption, and digital signatures.
Familiarity with reversing the following: SPI, I2C, UART, CAN, Ethernet, USB, JTAG, SMBus, eMMC, UFS, NAND, and common file systems.
Experience writing protocol decoders for several of the above listed buses and systems.
Experience with reversing embedded Linux kernels and systems.
Knowledge of automotive systems and their security implications is desired.
Familiarity with AUTOSAR, QNX, LIN, FlexRay, MOST, K-Line, J1850 a plus.
Knowledge of programming languages such as C, C++, Python, and Assembly.
Strong analytical and problem-solving skills.
Excellent written and verbal communication skills.
Internal drive and self-motivation, with the ability to work independently and drive projects to completion.
Ability to humbly seek assistance and collaborate with colleagues and engage additional resources when faced with challenging problems.
Ability to work collaboratively as part of a team as projects require.

Trend Micro, Inc. is committed to fair and equitable compensation practices. The salary range for this role is USD $135,000.00 - $185,000.00. A candidate’s final compensation for this position will be determined by various factors to include, but not limited to relevant work experience, skills, and certifications.

At Trend Micro, we embrace change, empower people, and encourage innovation in a connected world. Our diversity and multicultural workforce are key contributing factors to our success across the globe. Trend Micro provides equal employment opportunity for all applicants and employees. Trend Micro does not unlawfully discriminate on the basis of race, color, religion, sex, pregnancy and childbirth or related medical conditions, national origin, ancestry, age, physical or mental disability, medical condition, family care leave status, veteran status, marital status, sexual orientation, or gender identity.