Security Engineer (Purple Team)

Responsibilities

• Review, assess, and audit vehicle software platform code to identify security vulnerabilities using automated tests and tooling.
• Lead security verification and validation (V&V) initiatives and serve as the point of contact for all security V&V activities.
• Set up benches for penetration tests and risk assessments in an automotive environment.
• Take a hands-on approach to security by implementing fixes for identified vulnerabilities where appropriate, while coordinating with core software teams to drive long-term remediation of high-impact issues.
• Help in designing a secure vehicle software platform, connected vehicle architecture, and connected autonomous vehicles architecture.
• Conduct hands-on security testing and perform risk assessments to prioritize security bugs and threats.
• Compare mitigation strategies and prioritize mitigation efforts based on the risk.
• Work with Applied's different business units to develop secure automotive products (Vehicle OS, SDS) in line with ISO 21434 process requirements and UN R155 technical specifications.
• Work with software, security, and system & safety engineering to implement, identify, and advance security at Applied Intuition.
• Work with Applied's customers to deliver secure automotive products.

Requirements

• A good understanding of embedded systems and how software interacts with hardware.
• Strong experience in penetration testing or hands-on security assessment of embedded systems.
• Good technical knowledge of Linux or QNX internals.
• Security expertise in one or more of the following: C, C++, x86, ARM, cryptography, or exploit development.
• Experience with network security (firewall configurations, ssh authentication).
• Proficiency in programming with C/C++ or Python.
• A solid understanding of hardware security primitives, including secure boot, key management, and cryptographic accelerators.
• Experience with security tooling, including vulnerability databases and automated fuzzing frameworks (e.g., AFL, libFuzzer, or specialized automotive tools).
• Proficiency in code auditing and vulnerability research using both manual and automated testing tools.
• Experience performing formal risk assessments and the ability to prioritize mitigations based on risk levels.
• The ability to act as a technical lead and coordinate security projects between internal teams and external customers.

Nice to Have

• Experience in an automotive security environment and familiarity with protocols like CAN, Automotive Ethernet, and UDS.
• Understanding of automotive chips (SoCs/MCUs) and hardware security principles.
• Familiarity with automotive standards such as ISO 21434 and UN R155.
• Knowledge of Android Security or other embedded operating systems.
• Background in securing Hardware Security Modules (HSM) and Trusted Execution Environments (TEE).

Compensation

Base salary range: $150,000 - $220,000 USD annually, plus equity and benefits.