Product Security Consultant

Embedded Product Security Consultant (Contract – Fully Remote)

Location: Remote (UK/EU based preferred)

Rate: Competitive day rate

We are seeking an experienced Embedded Product Security Consultant to undertake in-depth security reviews and assessments across embedded, mobile and IoT platforms. This role involves low-level security analysis, vulnerability assessment, and providing expert guidance on secure system design for both hardware and software components.

Key Responsibilities:

• Review low-level C code (FreeRTOS, Android, Linux kernel drivers) and protocol parsers.
• Assess and advise on sandboxing and isolation policies (SELinux/SE Android, seccomp, Linux namespaces, Minijail/Firejail).
• Conduct cryptographic implementation reviews, particularly secure boot and code-signing mechanisms.
• Analyse Android applications (Java) and system-level components.
• Examine and debug ARM 32/64-bit assembly.
• Reverse engineer firmware and embedded systems.
• Carry out hardware and embedded system hacking exercises.
• Perform wireless protocol security testing (Wi-Fi, Bluetooth)
• Deliver vulnerability assessments, penetration testing, and exploit proof-of-concepts.
• Work with development teams using Git/GitHub workflows.

Essential Skills & Experience:

• Strong background in embedded security and low-level programming.
• Hands-on experience with FreeRTOS, Linux kernel drivers, and Android internals.
• Deep understanding of cryptography and secure system design.
• Proven experience in reverse engineering and vulnerability research.
• Knowledge of wireless protocol security testing.
• Excellent written and verbal communication skills.