Job Title
Senior Embedded Security Vulnerability Analyst (m/f/d)
Role Summary
Perform deep technical analysis of embedded systems to identify and assess vulnerabilities at the hardware/software boundary. Work with product and firmware teams to drive secure designs and mitigations.
The role focuses on low-level firmware, boot code, and security-critical components and includes advancing analysis approaches such as AI-assisted vulnerability discovery.
Experience Level
Senior β position expects an experienced professional; title indicates senior-level responsibilities and leadership of complex technical investigations.
Responsibilities
Key responsibilities include technical analysis, tooling, and collaboration to reduce security risk in embedded products.
- Perform in-depth vulnerability analysis of embedded software (bare-metal, RTOS, trusted execution environments).
- Analyze boot flows, privilege boundaries, crypto/key handling, and isolation mechanisms.
- Conduct root cause analysis and assess exploitability and impact of findings.
- Support security certifications and evaluations (e.g., PSA, SESIP, Common Criteria) as required.
- Investigate PSIRT incidents and recommend structural improvements.
- Develop and apply analysis methodologies and tooling: static analysis, fuzzing, scripting, automation.
- Design and refine workflows that combine static/dynamic analysis with AI-assisted techniques (LLM-based or agentic workflows).
- Research emerging attack techniques relevant to embedded systems and collaborate with development teams to translate findings into mitigations.
Requirements
Must-have technical skills and experience; differentiators are listed separately as nice-to-have.
Must-have:
- Strong understanding of low-level system behavior: memory layout, interrupts, privilege levels, concurrency.
- Solid experience in C programming and low-level firmware development.
- Familiarity with ARM and/or RISC-V architectures.
- Experience with assembly-level debugging and analysis tools (e.g., GDB, hardware debug interfaces).
- Ability to perform independent, complex technical investigations and to communicate findings clearly to engineering teams.
Nice-to-have:
- Vulnerability research, reverse engineering, or exploit development experience.
- Familiarity with static/dynamic analysis tooling, fuzzing, or symbolic execution.
- Experience with debugging interfaces such as JTAG, trace, or hardware probes.
- Experience using or evaluating AI-assisted code analysis and building automated analysis workflows.
- Rust experience or interest in memory-safe system design.
Education Requirements
Degree in Electrical Engineering, Computer Science, Mathematics, or a related technical field (as stated in the original posting).
About the Company
Company: NXP Semiconductors
Headquarters: Nijmegen, Netherlands
NXP Semiconductors N.V. is a global semiconductor company that provides High Performance Mixed Signal and Standard Product solutions. With over 45,000 employees and operations in more than 35 countries, NXP is a leader in secure connectivity solutions for embedded applications, catering to automotive, industrial IoT, mobile, and communication infrastructure markets. The company is committed to innovation and sustainability, advancing a smarter, safer, and more sustainable world through technology.

Date Posted: 2026-07-03