Embedded Security Engineer / Vulnerability Researcher (Embedded Systems)

We are looking for a curious and technically strong Embedded Security Engineer / Vulnerability Researcher to join our software vulnerability analysis team. In this role, you will break, analyze, and harden embedded systems used in next-generation products.

This position is ideal for engineers who enjoy digging deep into firmware, hardware behavior, and attack surfaces - whether your background comes from embedded development, security research, or hands-on hacking of real systems.

If you like understanding how systems really work, finding unexpected behavior, and thinking like an attacker, this role is for you.

What You Will Do

• Analyze embedded software and systems for security vulnerabilities during product development
• Explore and validate potential attack paths across firmware, boot flows, and system interfaces
• Perform hands-on security testing using static and dynamic analysis techniques
• Support product security assessments and certification-related security activities
• Investigate security incidents and vulnerability reports in collaboration with PSIRT and development teams
• Research and experiment with new or emerging attack techniques against secure embedded systems
• Advise development teams on concrete, practical security improvements
• Contribute to innovation by challenging assumptions and identifying systemic weaknesses, * Analyze and influence the security of products used at scale
• Collaborate with experts across hardware, firmware, and security research
• Freedom to explore, experiment, and challenge designs
• An inclusive environment that values diverse technical backgrounds and perspectives

Please note: The successful candidate may/will be responsible for security related tasks. The assignment may/will be in scope of security certifications, therefore a conscious and reliable way of working is necessary.

• Degree in Electrical Engineering, Computer Science, or a related field
• Strong foundation in embedded systems or low-level software engineering
• Practical experience with C; exposure to assembly (ARM or RISC-V) is highly valued
• Understanding of bare-metal software, boot processes, memory layouts, and system behavior
• Familiarity with microcontroller or SoC architectures (ARM, RISC-V, or similar)
• Experience with or strong interest in security testing, reverse engineering, or vulnerability research
• Hands-on mindset - you like experimenting, probing, and validating ideas on real systems

Who You Are

• You think like an engineer and like an attacker
• You enjoy solving complex, non-obvious problems
• You are comfortable working independently but value collaboration
• You can clearly explain technical findings to both experts and non-experts
• You are curious, pragmatic, and focused on real-world impact

For applications in Gratkorn: NXP provides market competitive compensation according to the benchmarking of the electronic and semiconductor industry. Due to the Austrian Equal Treatment Act we are obligated to state the employment group of our applicable collective bargaining agreement (CBA) "Kollektivvertrag für Angestellte Gewerbe und Handwerk und in der Dienstleistung", this position (fulltime) is graded in Employment Group IV. Your individual experiences and expectations will be considered in the application process. Moreover, we provide attractive benefits to our employees like home office, flexible working time, meal benefits and more.