Bestkaam Logo
Back to Jobs
QualySec | Beyond Cybersecurity

Penetration Tester Lead (IoT)

Actively Reviewing

QualySec | Beyond Cybersecurity

Bhubaneswar Full-Time 4–8 yrs exp Posted 1 month ago  · Apply by Jul 18, 2026
We are looking for a Penetration Tester Lead (IoT) to join our security team, who will be responsible for leading IoT security testing engagements, mentoring team members, and ensuring high-quality security assessments across IoT devices, firmware, communication, embedded systems, and connected ecosystems.

Job Description

Qualysec Technologies is seeking an experienced and technically strong Penetration Tester Lead (IoT) to lead and manage IoT security testing projects. This role involves performing advanced penetration testing on IoT devices, embedded firmware, hardware interfaces, and IoT communication protocols while guiding the IoT security team and maintaining testing standards and methodologies.

The candidate will be responsible for managing end-to-end IoT security assessments, reviewing testing deliverables, coordinating with clients, and providing strategic remediation recommendations. The role requires strong expertise in IoT attack methodologies, hardware security testing, and firmware analysis along with leadership and mentoring capabilities.

Qualification

3 to 5 years of hands-on experience in IoT / Embedded Systems Security, Vulnerability Assessment, or Penetration Testing with exposure to leading or mentoring teams.

Experience

3 to 5 years of hands-on experience in IoT / Embedded Systems Security, Vulnerability Assessment, or Penetration Testing with exposure to leading or mentoring teams.

Location

Bhubaneswar

Job Type

Full time

Key Responsibilities

  • Lead and execute end-to-end penetration testing of IoT and embedded devices across various domains including consumer, industrial, healthcare, automotive, and smart infrastructure
  • Perform advanced testing of device hardware, firmware, bootloaders, and embedded operating systems
  • Assess security of wired and wireless communication protocols such as Wi-Fi, BLE, Zigbee, Z-Wave, LoRaWAN, NFC, CAN, and industrial protocols
  • Conduct security testing of IoT mobile applications, APIs, and cloud backends
  • Evaluate secure boot mechanisms, OTA update security, encryption implementation, and device authentication mechanisms
  • Review vulnerability findings, validate exploitability, and provide strategic remediation recommendations
  • Review technical reports and ensure high-quality deliverables for clients
  • Mentor and guide junior penetration testers and support skill development within the team
  • Contribute to developing internal IoT testing methodologies, frameworks, and research initiatives
  • Stay updated with emerging IoT threats, vulnerabilities, and industry best practices

Required Skills

  • Strong expertise in IoT security testing methodologies and attack surface analysis
  • Advanced knowledge of firmware extraction, analysis, and reverse engineering
  • Hands-on experience with hardware debugging and interface exploitation
  • Strong understanding of embedded architectures including ARM, MIPS, and RISC-V
  • Experience in radio frequency and protocol-level attack testing
  • Ability to develop custom testing scripts, exploits, and automation tools
  • Strong understanding of secure hardware design, cryptographic implementation, and device authentication models
  • Experience in leading projects, mentoring teams, and managing client interactions
  • Excellent documentation, reporting, and communication skills
  • Tools & Technologies
    • Hardware & Debugging Tools:
      • JTAG, SWD, UART, SPI, I2C
      • Bus Pirate, Shikra, JTAGulator
    • Firmware & Reverse Engineering:
      • Ghidra, IDA Pro, Radare2
      • OpenOCD
    • Network & Protocol Testing:
      • Wireshark, tcpdump
      • RF analysis tools
    • Wireless & IoT Protocols:
      • MQTT, CoAP, HTTP/HTTPS
      • BLE, Zigbee, Z-Wave, LoRaWAN, NFC
      • CAN, Modbus, BACnet
Benefits

  • Competitive salary, great perks, and a work culture that’s as fun as it is rewarding
  • On-time salary
  • Paid time off and holidays
  • Leave encashment
  • Lunch provided
  • Provident Fund
  • Variable bonus
  • Plenty of room to experiment, innovate, and grow
  • Job type: Full-time, permanent

About Us

Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats.

With over 5+ years of experience, we take pride in having served more than 200+ clients across 30+countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success.