Senior Hardware Penetration Tester

We’re seeking an experienced IoT Firmware & Hardware Security Engineer to lead security testing and analysis of connected devices. In this role, you’ll perform penetration testing, reverse engineering, and vulnerability assessments on hardware and firmware, while collaborating with cross-functional teams to embed security into product design. You’ll apply industry-standard cybersecurity frameworks, develop threat models, and define security requirements across the full device lifecycle. This is a hands-on position involving lab work, tool development, and mentoring, ideal for someone passionate about securing the future of IoT.
This role is onsite 4 days a week in Blue Bell, PA.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Bachelor’s degree in computer science, Cybersecurity, Electrical Engineering, Electronics, or a related field.
5+ years of experience in firmware and hardware design, penetration testing, and IoT security.
Proficiency in programming languages such as Python, C/C++, or similar.
Hands-on experience with reverse engineering, firmware analysis, and electronic board modifications (including soldering).
Solid understanding of hardware security principles and communication protocols (e.g., UART, I2C, SPI, Wi-Fi, LTE, Z-Wave, DECT/ULE).
Experience using lab tools: oscilloscope, logic analyzer, multimeter, network analyzers, universal memory programmer, etc.
Familiarity with pen test tools and platforms such as Kali Linux, Metasploit, Burp Suite, Wireshark, Binwalk, Firmwalker.

Cybersecurity Expertise:

Knowledge of cybersecurity standards and frameworks (e.g., OWASP Top 10, PCI, NIST).
Experience with cryptographic algorithms: symmetric/asymmetric encryption, digital signatures, hashing, key exchange.
Ability to develop threat models for IoT devices using methodologies like STRIDE and DREAD.
Experience defining cybersecurity requirements across the IoT device lifecycle: design, coding, testing, manufacturing, and end-of-life.
Development of cybersecurity policies and procedures including secure SDLC, cryptographic key management, and secure manufacturing.

Certifications such as CEH, OSCP, or CISSP are a plus.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.