Job Title:- Penetration Tester (IoT)
We are looking for a Penetration Tester (IoT) to join our security team, who will be responsible for assessing and testing the security of IoT devices, firmware, embedded systems, and connected applications.
Job Description:
Qualysec Technologies is seeking a skilled and motivated Penetration Tester (IoT) to join our security team in Bhubaneswar. The role involves performing security testing on IoT devices, embedded firmware, hardware interfaces, and IoT communication protocols, identifying vulnerabilities, and providing actionable remediation guidance.
About Us:
Qualysec Technologies is a cybersecurity company specializing in Web & Mobile Penetration Testing, Source Code Review, IoT, and Cloud Security, helping organizations strengthen their security posture.
Since 2020, we’ve delivered security consulting to global clients across Finance, Government, Healthcare, Insurance, and emerging tech sectors like AI/ML, IoT, and Blockchain. Our expert team leverages modern methodologies to protect critical assets.
We foster a growth mindset, enable fast career progression, encourage open feedback, and support continuous skill development.
Qualysec – Securing systems, building careers.
Qualification:- Bachelor's Degree in a related Cybersecurity/IT/Computer Science field.
Experience:- 0 to 3 years of hands-on experience in IoT / embedded systems security or penetration testing.
Location:- Bhubaneswar
Job Type:- Full Time
Responsibilities
· Perform end-to-end penetration testing on all types of IoT and embedded devices, including consumer, industrial, medical, automotive, and smart infrastructure devices
· Test device hardware, firmware, bootloaders, and embedded operating systems
· Assess security of wireless and wired communication protocols (Wi-Fi, BLE, Zigbee, Z-Wave, LoRaWAN, NFC, CAN, Modbus, etc.)
· Conduct mobile app, API, and cloud backend testing connected to IoT devices
· Perform secure boot, OTA update, and cryptographic implementation testing
· Identify hardware, firmware, and software vulnerabilities and provide remediation guidance
· Produce clear technical and executive-level security reports
· Stay up to date with emerging IoT threats, vulnerabilities, and attack techniques
Skills Required
· Ability to assess any IoT or embedded platform, including RTOS, Linux-based, and bare-metal systems
· Strong experience with firmware extraction, analysis, and reverse engineering
· Hands-on knowledge of hardware interfaces (UART, JTAG, SWD, SPI, I2C)
· Experience with radio and protocol analysis
· Solid understanding of embedded architectures (ARM, MIPS, RISC-V)
· Familiarity with common Pentesting tools and custom exploit development
· Strong documentation and communication skills
Tools & Technologies:
Hardware & Debugging Tools:
- JTAG, SWD, UART, SPI, I2C
- Bus Pirate, Shikra, JTAGulator
Firmware & Reverse Engineering:
- Ghidra, IDA Pro, Radare2
- OpenOCD
Network & Protocol Testing:
- Wireshark, tcpdump
- RF tools
Wireless & IoT Protocols:
- MQTT, CoAP, HTTP/HTTPS
- BLE, Zigbee, Z-Wave, LoRaWAN, NFC
- CAN, Modbus, BACnet
Benefits:
- Competitive salary with performance-based growth opportunities in IoT penetration testing
- Hands-on exposure to IoT devices, embedded systems, and real-world security testing environments
- Continuous learning and upskilling in VAPT, IoT security, and offensive security tools and techniques
- Employee benefits including Paid Time Off, Leave Encashment, Provident Fund (PF), and other standard perks
- Innovative and collaborative work culture with opportunities to experiment, research, and grow in cybersecurity domain.
Benefits:
- Leave encashment
- Life insurance
- Paid sick time
- Paid time off
- Provident Fund
Work Location: In person
