Lucid Motors is seeking to enhance the security of their luxury electric vehicles by identifying and addressing potential vulnerabilities in their firmware and embedded systems.
Requirements
- Firmware Analysis: Experience with both bare-metal and Linux-based firmware
- Reverse Engineering: Familiarity with ARM instruction sets and disassembly/reversing tools (IDA Pro, Ghidra, Binary Ninja)
- Fuzzing & Taint Analysis: Demonstrated ability to design custom fuzzers and perform data flow/taint analysis
- Emulation: Hands-on experience using QEMU or similar tools to emulate embedded hardware and software
- Scripting & Programming: Proficiency in Python, C/C++, or other languages relevant to firmware analysis and exploit creation
Responsibilities
- Examine embedded firmware at high- and low-levels to identify security weaknesses
- Disassemble and reverse-engineer ARM code using tools such as IDA Pro, Ghidra, or Binary Ninja
- Develop and implement custom fuzzing frameworks targeting embedded systems
- Conduct taint analysis to trace data flow and isolate security-critical functions
- Utilize QEMU or similar emulation platforms to recreate hardware environments for testing and analysis
- Create specialized scripts and tools to streamline firmware extraction, binary analysis, and fuzzing processes
- Automate complex testing routines to optimize security assessment workflows
Other
- Bachelor’s degree in Computer Science, Electrical Engineering, or a related field is required
- Master’s degree or higher education is preferred
- Proven track record in embedded systems security, vulnerability research, and exploit development
- Cross-Team Collaboration: Work closely with hardware, software, and broader security teams to share findings, guide secure development practices, and implement fixes
- Research & Knowledge Sharing: Keep abreast of emerging trends and techniques in embedded security, sharing insights with the team