Location: Noida, India

Thales is a global technology leader trusted by governments, institutions, and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation, our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of aerospace and space, cybersecurity and digital identity, we’re driven by a mission to build a future we can all trust.

Present in India since 1953, Thales is headquartered in Noida and has other operational offices and sites spread across Delhi, Gurugram, Bengaluru and Mumbai, among others. Over 2200 employees are working with Thales and its joint ventures in India. Since the beginning, Thales has been playing an essential role in India’s growth story by sharing its technologies and expertise in Defence, Aerospace and Cyber & Digital sectors. Thales has two engineering competence centres in India - one in Noida focused on Cyber & Digital business, while the one in Bengaluru focuses on hardware, software and systems engineering capabilities for both the civil and defence sectors, serving global needs. The Group has also established an MRO (Maintenance, Repair & Overhaul) facility in Gurugram to provide comprehensive avionics maintenance and repair services to Indian airlines and support the growth of the local aviation industry.

We are looking for an Automotive Embedded Penetration Tester with strong hands-on experience in ECU, in-vehicle networks, and automotive protocols. The role involves performing security assessments on automotive ECUs, vehicle architectures, and connected components in line with ISO/SAE 21434 and UNECE R155.

Key Responsibilities

Perform penetration testing and security assessments on automotive ECUsConduct embedded and hardware security testing, including:UART, SPI, I2C, JTAG, SWDDebug interface analysis and secure boot validationAssess in-vehicle communication protocols:CAN, CAN-FD, LIN, FlexRay, Automotive EthernetPerform UDS security testing:Security Access (Seed-Key)Diagnostic session abuseNRC analysis and fuzzingAnalyze ECU firmware:Firmware extraction, reverse engineeringStatic & dynamic analysisExecute threat modeling and risk assessments (TARA)Validate security controls for:Secure boot, secure flashingKey management and crypto usageDocument findings with clear risk impact and remediation guidanceSupport compliance activities for ISO 21434, UNECE R155/R156

Mandatory Skills

Strong knowledge of embedded systems and automotive ECUsHands-on experience with automotive pentesting tools:CANoe / CANalyzerBusMasterUDS tools, Scapy-CANGhidra / IDA (basic to intermediate)Solid understanding of:Cryptography fundamentals (AES, RSA, ECC, HMAC)Secure boot and firmware update mechanismsExperience with Linux-based testing environmentsAbility to read and understand Embedded C / C++ code

Good to Have

Experience in hardware fault injection (voltage glitching, clock glitching)BLE / UWB / Digital Key security testingPython scripting for automation and fuzzingExperience auditing labs or processes against ISO 27001Automotive cybersecurity certifications (e.g., ISO 21434 Lead Implementer)

At Thales, we’re committed to fostering a workplace where respect, trust, collaboration, and passion drive everything we do. Here, you’ll feel empowered to bring your best self, thrive in a supportive culture, and love the work you do. Join us, and be part of a team reimagining technology to create solutions that truly make a difference – for a safer, greener, and more inclusive world.