Offensive Embedded Security Engineer - Vulnerability Research - Red Team
Role: Offensive Embedded Security Engineer - Vulnerability Research - Red Team
Role Overview:
We are seeking an Embedded Security Engineer with a deep understanding of firmware and Linux-based embedded systems, who can reverse-engineer code, develop fuzzing tools, and conduct in-depth vulnerability research. The ideal candidate will be well-versed in ARM instructions, taint analysis, and have fundamental knowledge of emulation tools like QEMU. Automotive experience is a plus.
Key Responsibilities:
- Firmware Analysis & Reversing
  - Examine embedded firmware (including Linux-based) at both high and low levels to identify security weaknesses.
  - Disassemble and reverse-engineer ARM code using tools such as IDA Pro, Ghidra, or Binary Ninja.
- Vulnerability Research & Exploitation
  - Develop and implement custom fuzzing frameworks targeting embedded systems.
  - Conduct taint analysis to trace data flow and isolate security-critical functions.
  - Discover, document, and demonstrate vulnerabilities, providing clear remediation strategies.
- Emulation & Testing
  - Utilize QEMU or similar emulation platforms to recreate hardware environments for testing and analysis.
  - Integrate emulated targets into CI/CD pipelines for continuous vulnerability scanning.
- Automation & Tooling
  - Create specialized scripts and tools to streamline firmware extraction, binary analysis, and fuzzing processes.
  - Automate complex testing routines to optimize security assessment workflows.
- Cross-Team Collaboration
  - Work closely with hardware, software, and broader security teams to share findings, guide secure development practices, and implement fixes.
  - Collaborate with automotive specialists to adapt research methods for vehicle control units (ECUs) and other automotive platforms.
- Research & Knowledge Sharing
  - Keep abreast of emerging trends and techniques in embedded security, sharing insights with the team.
  - Participate in security conferences, workshops, or internal training sessions to foster a culture of learning and continuous improvement.
Required Qualifications:
- Education & Experience
  - Bachelor's degree in Computer Science, Electrical Engineering, or a related field is required. Master's degree or higher education is preferred.
  - Proven track record in embedded systems security, vulnerability research, and exploit development.
- Technical Skills
  - Firmware Analysis: Experience with both bare-metal and Linux-based firmware, capable of navigating U-Boot, BusyBox, and similar environments.
  - Reverse Engineering: Familiarity with ARM instruction sets and disassembly/reversing tools (IDA Pro, Ghidra, Binary Ninja).
  - Fuzzing & Taint Analysis: Demonstrated ability to design custom fuzzers and perform data flow/taint analysis.
  - Emulation: Hands-on experience using QEMU or similar tools to emulate embedded hardware and software.
  - Scripting & Programming: Proficiency in Python, C/C++, or other languages relevant to firmware analysis and exploit creation.
By submitting your application, you understand and agree that your personal data will be processed in accordance with our Candidate Privacy Notice. If you are a California resident, please refer to our California Candidate Privacy Notice.