Harman

About the Role

New opportunity within our large Engineering organization for a Security Test Principal Engineer as part of a new opening position in Connectivity Test Center. This role will be part of a new team based in Bucharest which will work closely with the wider team. Our goal is to build out our Connectivity Test Coordinating team operating from our strategic site in Bucharest providing experienced and dynamic team members to support multiple roles across our portfolio of global projects. This is an extremely exciting time to get involved, to help develop and shape innovative technology and drive change throughout the organization.

What You Will Do

• Identifying methods to manipulate Remote SIM Provisioning including but not limited to SIM Jacking attack
• Setting up a test environment to conduct analysis of the communication between the UE and eNodeB
• Performing security assessments on wireless devices to identify potential vulnerabilities
• Identifying various methods to circumvent security controls such as authentication mechanism on various wireless devices such as Bluetooth/Wi-Fi, NFC etc.
• Capturing wireless communications between a smart phone, and Device Under Test (DUT), and identifying ways to impersonate the device
• Attempting to extract and/or capture secret keys exchanged during the authentication between the two wireless devices
• Identifying where secret keys are stored persistently upon a successful authentication between two devices
• Identifying the type of authentication and security mode BLE peripheral/central and WPA supports
• Performing analysis on the secure link during the BLE pairing process and identify potential misconfigurations or security flaws
• Identifying and exploiting the vulnerabilities in NFC systems such as a mobile phone used to transmit RF signal to lock/unlock doors
• Capturing, decoding and/or performing replay/relay attacks against key fobs using SDR and generating test reports, and recommending the appropriate course of action, and supporting the mitigation and re-validation efforts
• Participating in research activities to investigate vulnerabilities, emerging cyber threats, and new technologies
• Prepare and present reports and findings to senior management and Customer, outlining security risks and proposed solutions
• Stay up-to-date with the latest security threats, vulnerabilities, and best practices by being part of the Cybersecurity core team
• Lead root cause analysis efforts to investigate process failures, identify the underlying issues, and develop solutions to prevent future occurrences.
• Act as the primary point of contact for any inquiries or concerns related to the process or project
• Maintain open and transparent communication with all relevant stakeholders (Arhitects, Developers, Customers, CSMC team), providing regular updates on progress, issues, and successes

What You Need

• Bachelor’s degree in computer science, information systems or equivalent experience
• 5+ years Security Testing experience
• Strong technical expertise in various wireless protocols such as GSM, Wi-Fi, Bluetooth, NFC, CAN, UDS and UWB
•  Ability to perform various types of security tests such as penetration testing, fuzz testing, and evaluating the security requirements for wireless technologies
• Hands-on experience regarding security testing Cellular network, Wi-Fi, BT/BLE, and NFC
• CVE and GPS Spoofing knowledge
• Experience with scripting and automation tools for collecting and analyzing data
• Advance knowledge of LTE, RTP/AVB, WPA2/3, NFC, BT/BLE security features
• Experience with wireless specifications for LTE, and Bluetooth
• High sense of responsibility and ability to work under pressure
• Strong communication and collaboration skills
• Business fluent in English
• Efficiently meeting deadlines, schedules, and target dates

What is Nice to Have

• ASPICE knowledge
• 10+ year of experience in testing embedded systems
• CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP certifications
• Familiarity and ability to operate GSM simulators tools such as Keysight, Anritsu, and Wi-Fi, BT/BLE analyzers and testing suites
• Experience with static and dynamic code analysis
• Working knowledge of Android and Linux
• Automotive industry experience
• Experience in Agile/SCRUM
• HW experience with configuration different setups
• Knowledge in ALM is beneficial
• Expertise in working with distributed development teams

What Makes You Eligible

• Willingness to travel (0-20% of time) depending on the project needs
• Availability to work both remotely and from the office if requested

What We Offer

• Work in international teams with the biggest worldwide automotive customer
• Attractive salary package
• Training on the job and extensive technical trainings
• Further career development opportunities
• A great package of additional benefits, such as:
             o Flexible working time
             o Medical subscription
             o Free parking spaces
             o Meal tickets
             o Employee discounts on our HARMAN products (JBL, AKG, HARMAN Kardon)
             o Bookster account
             o Gym subscription, and much more...