Senior Embedded Penetration tester

Senior • Remote

$160 - $200/

Wrocław, Poland

Tech stack:

Secure boot, firmware security, OTA updates
Cryptography (AES, RSA, ECC) & hardware security (TPM, HSM, TrustZone)
Embedded interfaces & protocols: CAN, LIN, Modbus, BLE, Wi-Fi, TCP/IP
Penetration testing on embedded targets: JTAG, UART, SPI, I²C
Cloud IoT platforms & secure communication: AWS/Azure/GCP IoT, TLS/DTLS, MQTT(S)
Secure code review (C/C++, Rust, Python) & DevSecOps / CI/CD security

Requirements:

Proven experience performing advanced penetration testing on embedded systems, IoT devices, and cloud-connected architectures
Strong background in identifying, exploiting, and documenting security weaknesses across a broad range of environments
Deep understanding of embedded security attack vectors: side-channel attacks, fault injection, firmware tampering, replay attacks, MITM
Experience with vulnerability scanning, fuzzing, exploit development, and hardware-level security assessment
Solid knowledge of secure communication protocols, cryptography, secure boot mechanisms, and secure firmware design
Ability to translate complex technical findings into clear, actionable recommendations for both technical and non-technical stakeholders
Familiarity with risk assessment frameworks such as ISO 21434, IEC 62443, ISO 27005
Understanding of data protection requirements (GDPR / HIPAA) in cloud-integrated IoT ecosystems
Experience with secure SDLC, DevSecOps, and CI/CD security practices
Strong analytical, problem-solving, and communication skills
Relevant certifications such as OSCP, GPEN, CompTIA PenTest+ (highly valued)

Main responsibilities:

Senior Penetration Tester with a proven track record of successfully identifying and exploiting security weaknesses across a wide range of systems and environments. The ideal candidate will have deep expertise in advanced penetration testing methodologies, tools, and reporting, with strong analytical and problem-solving skills. Experience in embedded systems security is highly desirable and will be considered a significant advantage. This role requires excellent communication skills to translate technical findings into clear, actionable recommendations for stakeholders.

Spyrosoft

Spyrosoft is a dynamic company operating in the technology industry, specifically focusing on fintech solutions. The company is engaged in a collaborative venture with Klarna, a global leader in digital payment solutions, to establish an IT hub that fosters innovation in online shopping and payment systems. Spyrosoft values independence, proactiveness, and flexibility, creating an environment that encourages forward-thinking and dynamic work. The company is based in Warsaw, Poland, and offers a hybrid work model, reflecting its commitment to modern and adaptable work practices. Spyrosoft is dedicated to facilitating a seamless recruitment process, emphasizing a strong cultural fit and technical expertise in its candidates. The company is known for its rigorous standards, particularly in the financial domain, ensuring high-quality and secure digital solutions.