Automotive Penetration Tester

Job Title: Automotive Penetration TesterLocation: Bursa/TurkeyABOUTAs Daiichi, we are 22 years old in automotive electronics as a Tier-1 supplier for global OEMs specialized in hardware, software, and mechanical development of line fit infotainment systems: multimedia radios with connectivity, shark antenna, wireless/USB chargers, speakers, AVAS and other electronic modules. By being a member of Doğan Holding Group of Companies, our Headquarter is in Istanbul and we operate R&D and technical centers, manufacturing sites, and customer support services in 7 countries: Turkey, Italy, USA, France, China, Uzbekistan (CIS) and India.Role Description:We are seeking an experienced Automotive Penetration Tester to join our cybersecurity team. The successful candidate will be responsible for conducting penetration tests and security assessments on automotive systems, including in-vehicle networks, infotainment systems, telematics, and ECU (Electronic Control Unit) firmware. You will identify vulnerabilities, simulate real-world attacks, and work closely with our engineering teams to ensure the security and robustness of our automotive products, also performing vulnerability management activities such as scanning and reporting to customers.Qualifications;• Bachelor’s degree in Computer Science, Information Security, Electrical Engineering, or a related field. Equivalent work experience will be considered• 3+ years of experience in penetration testing, with a focus on automotive systems or embedded systems.• Experience with automotive security testing tools (e.g., CANoe, CANalyzer, Scapy, etc.)• Familiarity with reverse engineering, binary analysis, and exploitation techniques.• Relevant certifications such as OSCP, OSWP, CRTP, CEH, or similar are a plus.• Experience with infrastructure automation, TCP/IP networking, vulnerability identification and exploitation, vulnerability exploit code development, offensive security operation, vulnerability tracking and remediation, cross functional collaborations• Understanding of ECUs (Electronic Control Unit) HW and SW architecture, functioning.• Understanding of functional safety standards (e.g., ISO 26262) and cybersecurity standards (e.g., ISO/SAE 21434• Hands-on experience with FOTA (Firmware Over-the-Air) updates and their security implications• Familiarity with wireless communication security (Bluetooth, Wi-Fi, etc.) in automotive contextsResponsibilities;• Conduct penetration testing and security assessments on automotive systems, specifically component level (ECU).• Conducting penetration testing of ECU and applications to test security measures.• Simulate real-world attack scenarios and assess the security posture of automotive components and systems.• Identify vulnerabilities and security weaknesses in automotive software and hardware.• Perform code reviews and security audits of automotive software applications.• Document findings, create detailed reports, and present results to internal stakeholders and clients.• Collaborate with engineering teams to develop and implement effective security measures and mitigation strategies.• Support TARA and system cybersecurity requirements• Develop Threat Models using industry best practices• Demonstrating expertise in automotive communication protocols, including CAN, LIN, and FlexRay.• Conducting security training and awareness programs to increase security awareness among employees.• Developing malwares and testing software to detect and prevent security breaches.