Hardware Penetration Tester

Who We Are

As the leader in cloud-managed IT and networking, Cisco connects passionate people to their mission by simplifying the digital workplace. Our impact is driven by the innovative, purposeful, and vibrant people who make up our inclusive community. When technology is intuitive and secure, our customers can focus on what matters!

About The Team

Join our Device Penetration Testing team, where your expertise will directly strengthen the security of millions of Cisco devices—from embedded systems to global cloud platforms. Here, you’ll collaborate with security professionals recognized for leading hardware security training, being credited with multiple CVE discoveries, and achieving success in bug bounty programs.

We are a highly technical, collaborative group passionate about dissecting complex technologies, uncovering critical vulnerabilities, and pushing the boundaries of what’s possible to safeguard the infrastructure that powers the internet. If you thrive on solving tough technical challenges, get excited by impactful security discoveries, and value an environment built on knowledge sharing and continuous learning, you’ll feel right at home with us.

What You'll Do Day-to-Day: 

As a Hardware Penetration Tester on our Device Penetration Testing team, you will:

• Proactively engage in technical and hands-on security assessments, dissecting hardware, analyzing firmware, and identifying critical vulnerabilities in Cisco's latest devices and products still in development.
• Perform in-depth analysis of hardware components and their interactions, including JTAG, UART, SPI, and I2C communication analysis, secure boot, and examining how firmware interacts with underlying hardware. Extract and analyze content from SPI flash and other on-board memory and audit the security of hardware protocols and communication interfaces as part of the analysis.
• Focus on uncovering technically challenging and highly impactful vulnerabilities, directly contributing to the security and trustworthiness of Cisco's extensive product portfolio.
• Engineer and implement novel exploit chains to bypass advanced hardware and firmware security mechanisms, demonstrating full compromise scenarios.
• Conduct in-depth research into emerging hardware attack surfaces and develop innovative techniques for exploitation that push the boundaries of current security understanding.
• Continuously enhance your offensive security skillset across a broad spectrum of targets, including web applications, embedded firmware, hardware components, and network protocols.
• Document all identified vulnerabilities with comprehensive technical write-ups and collaborate directly with engineering teams to provide detailed insights, driving effective remediation throughout the product development lifecycle.
• Leverage automation, custom scripting, and AI/ML technologies to accelerate vulnerability discovery, streamline security analysis workflows, and enhance testing capabilities across a diverse range of hardware and embedded systems.
• Analyze recurring vulnerability patterns across diverse systems, translating these findings into actionable security insights and baseline test sets to influence secure design and prevent future vulnerabilities.

What We're Looking For:

• A security-focused mindset with genuine passion for penetration testing and vulnerability research
• Familiarity with firmware extraction techniques and methodologies
• Strong understanding of embedded hardware interfaces and protocols
• Expertise in conducting JTAG, UART, and SPI-based testing
• Ability to identify and bypass hardware security mechanisms
• Familiarity with embedded operating systems and architectures
• Proficiency in programming and scripting (e.g., Python, C, Bash)
• Experience with hardware debug tools and test equipment
• Solid understanding of network security and penetration testing methodologies · Bachelor's degree in Computer Science, Information Security, or 5+ years of related work experience
• 4+ years of hands-on experience in web application security, firmware security, embedded system penetration testing, authentication and security protocols
• Working knowledge of industry frameworks:
• OWASP Web Security Testing Guide (WSTG)
• OWASP IoT Security Testing Guide (ISTG)
• Penetration Testing Execution Standard (PTES)
• Strong written and verbal communication skills—you can explain complex security issues clearly to both technical and non-technical audiences

Nice to Have:

• Experience with source code security assessments and adjacency analysis in C/C++, Golang, Rust, or Ruby
• Comfort working in Linux environments
• Exposure to hardware injection attacks such as EMFI
• Understanding of secure development lifecycle practices including threat modeling, code review, SAST, DAST, and security architecture review
• OSCP or similar penetration testing certification
• Experience participating in bug bounty programs or responsible disclosure initiatives

Does this sound like you? We would love to hear from you.

We encourage you to drop us a line even if you don’t have all the points above. That’s a lot of different areas of responsibility! We will help you pick them up because we believe that great leaders come from a diverse set of backgrounds.

Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.