Vacancies at M-Kopa Solar

As an Engineer, you will be providing support and testing M-KOPA devices for security flaws, particularly mobile phones. Physically performing hardware vulnerability reviews of M-KOPA mobiles, IoT and automotive devices, writing custom Proof-of-Concept code and carrying out internal penetration testing against applications and assisting with internal red teaming engagements.

Overview

This role would involve learning and conducting in-depth hardware penetration testing, particularly for Android mobile, iOS, and embedded systems.

Additionally, you would be assisting in the identification and discovery of hardware zero-day vulnerabilities in a range of mobile devices, applications, and the underlying kernels through hardware fuzzing, software fuzzing, and low-level reverse engineering.

Expertise

Our expectation is that you have fundamental knowledge of Android applications, IoT devices and hardware hacking, with proper understanding of firmware architectures, mobile operating systems and low-level memory interfaces such a JTAG, UFS and eMMC.

If you have experience with penetration testing / red teaming engagements, with an excellent knowledge of the Linux OS, kernel, virtualization technologies and can use a multitude of tools, from logical analyzers and oscilloscopes, to soldering irons and custom boards to access low level microprocessors and exploit challenging systems, then this might just be the role for you.

We are particularly interested in a background / experience with hardware hacking, phone hacking or phone security.

go to method of application »

As an Associate Engineer, you will be monitoring and detecting security incidents, responding to them, and implementing and maintaining security controls which help prevent unauthorized access, data breaches, and other security risks.

Overview

This role would involve performing regular security assessments, vulnerability scans, and penetration tests to pinpoint and rectify security weaknesses. Using monitoring technologies for detecting and analyzing malicious activity and subsequently addressing security incidents, including malware infections, unauthorized access attempts, and data breaches.

Collaboration

We foster collaboration with internal teams and external partners to promptly contain, mitigate, and remediate security incidents; ensuring systems are updated and patched on time to address known vulnerabilities. You would also be working with threat intelligence to enhance monitoring, detection, response capabilities, and proactively defend against emerging threats.

Expertise

• For this role, we expect that you have about 1 or 2 years of experience in information technology or cybersecurity roles with good comprehension of cybersecurity principles, technologies, and best practices.
• Additionally, good knowledge in incident response procedures and malware analysis techniques coupled with certification in Blue Team Level 1 (BTL1), Offensive Defense Analyst (OSDA), CompTIA Cybersecurity Analyst+ (CySA+) or equivalent would make you a great fit.
• If you like working independently or collaboratively in a dynamic environment and have a familiarity with security monitoring and detection tools such as SIEM, IDS/IPS, endpoint detection & response (EDR), and network traffic analysis, then this might just be the role for you.
• We are particularly interested in an Information Security background with experience in monitoring, detecting and responding to security incidents, and subsequently implementing security controls.