About the role:

The role holder will identify security loopholes in various vendor smartphones and advise on security considerations. You will be providing assistance and testing Sun King devices for security flaws, particularly mobile phones. Physically performing hardware vulnerability reviews of various mobiles, IoT and automotive devices, writing custom Proof-of-Concept code and carrying out internal penetration testing against various products.

What you would be expected to do:

• Perform offensive security assessments of hardware, firmware, embedded OS, and payment stacks on Sun King mobile devices.
• Reverse engineer firmware and perform static and dynamic analysis to identify security flaws.
• Identify and exploit vulnerabilities in embedded systems, bootloaders, MDMs, Android kernel, secure boot implementations, and cryptographic mechanisms.
• Build and execute proof-of-concept attacks to demonstrate real-world exploitability and business impact.
• Collaborate with product, hardware, and software engineering teams to define secure development practices and improve product resilience.
• Participate in threat modelling and architecture reviews of new products and features.
• Stay up to date with emerging vulnerabilities, tools, and offensive research relevant to smart phones financing ecosystems.

You might be a strong candidate if you:

• Have fundamental knowledge of Android security, Mobile Device Management, IoT device architectures, and hardware security testing/hacking.
• Possess knowledge of hardware hacking techniques (e.g., JTAG/SWD/UART debugging, side-channel evaluation, fault injection).
• Demonstrate hands on experience with Flash 64, Pandora, Easy JTag, Chimera, CM2 etc
• Are proficient in reverse engineering tools such as Ghidra, IDA Pro, Binary Ninja, and debugging tools like JTAGulator, OpenOCD, or Bus Pirate.
• Demonstrate familiarity with secure boot, TPM/TEE, flash encryption, and other embedded security technologies.
• Show programming and scripting proficiency in Python, C/C++, Bash, or similar languages.
• Are experienced in evaluating and modifying firmware images (binwalk, Firmadyne, QEMU).
• Have solid comprehension of common vulnerabilities (e.g., memory corruption, design flaws, insecure update mechanisms).
• Are exposed to payment/fintech device security and secure device provisioning environment.

What we offer:

• An opportunity to grow as a professional in a dynamic, fast growing, high impact industry;
• The chance to work in an open minded, collaborative culture surrounded by enthusiastic Greenlighters who are driven by the challenge of continuously innovating and growing a smart, sustainable business with profound impact on the world;
• A truly multicultural experience: you will have the chance to work with and learn from people from different geographies, nationalities, and backgrounds. Structured, tailored learning and development programs that help you become a better leader, manager, and professional through the Greenlight Academy.

We place great importance on sustaining a diverse, inclusive work environment.

We believe that diversity (of race, gender, sexual orientation, religion, ethnicity, national origin, personality type, perspective, and all the other fascinating characteristics that make us different) enriches innovation and our competitiveness in the market.

We strive to ensure diverse perspectives inform critical decisions, and we actively work towards ensuring all Greenlighters feel like they belong. We also know that sustaining an inclusive workplace requires conscious effort and is a continuous journey, not an end-state.

Greenlight recruits, employs, trains, compensates and promotes individuals based on experiences and demonstrated job performance, regardless of race, color, religion, sex, marital status, sexual orientation, national origin, HIV/AIDS status, disability, or any other protected characteristic as established by law.

• Perform offensive security assessments of hardware, firmware, embedded OS, and payment stacks on Sun King mobile devices.
• Reverse engineer firmware and perform static and dynamic analysis to identify security flaws.
• Identify and exploit vulnerabilities in embedded systems, bootloaders, MDMs, Android kernel, secure boot implementations, and cryptographic mechanisms.
• Build and execute proof-of-concept attacks to demonstrate real-world exploitability and business impact.
• Collaborate with product, hardware, and software engineering teams to define secure development practices and improve product resilience.
• Participate in threat modelling and architecture reviews of new products and features.
• Stay up to date with emerging vulnerabilities, tools, and offensive research relevant to smart phones financing ecosystems.

• Fundamental knowledge of Android security, Mobile Device Management, IoT device architectures, and hardware security testing/hacking.
• Knowledge of hardware hacking techniques (e.g., JTAG/SWD/UART debugging, side-channel evaluation, fault injection).
• Hands on experience with Flash 64, Pandora, Easy JTag, Chimera, CM2 etc
• Proficiency in reverse engineering tools such as Ghidra, IDA Pro, Binary Ninja, and debugging tools like JTAGulator, OpenOCD, or Bus Pirate.
• Familiarity with secure boot, TPM/TEE, flash encryption, and other embedded security technologies.
• Programming and scripting proficiency in Python, C/C++, Bash, or similar languages.
• Experience in evaluating and modifying firmware images (binwalk, Firmadyne, QEMU).
• Solid comprehension of common vulnerabilities (e.g., memory corruption, design flaws, insecure update mechanisms).
• Exposure to payment/fintech device security and secure device provisioning environment.

• Fundamental knowledge of Android security, Mobile Device Management, IoT device architectures, and hardware security testing/hacking.
• Knowledge of hardware hacking techniques (e.g., JTAG/SWD/UART debugging, side-channel evaluation, fault injection).
• Hands on experience with Flash 64, Pandora, Easy JTag, Chimera, CM2 etc
• Proficiency in reverse engineering tools such as Ghidra, IDA Pro, Binary Ninja, and debugging tools like JTAGulator, OpenOCD, or Bus Pirate.
• Familiarity with secure boot, TPM/TEE, flash encryption, and other embedded security technologies.
• Programming and scripting proficiency in Python, C/C++, Bash, or similar languages.
• Experience in evaluating and modifying firmware images (binwalk, Firmadyne, QEMU).
• Solid comprehension of common vulnerabilities (e.g., memory corruption, design flaws, insecure update mechanisms).
• Exposure to payment/fintech device security and secure device provisioning environment.