Senior Offensive Security Lead (Red Team)

Born in Detroit with automotive expertise at our core, Block Harbor is on a mission to secure the future of mobility. Vehicles are no longer just mechanical transport — they are highly connected computers on wheels. We combine deep vehicle engineering knowledge with world-class offensive security to find and fix vulnerabilities before they ever hit the pavement. Powered by our proprietary Vehicle Security Engineering Cloud (VSEC), our award-winning Red Team rigorously tests vehicle components, systems, and cloud infrastructure for the world's most innovative automakers and tier-1 suppliers.

The Senior Offensive Security Lead is our most senior hands-on operator — the person who personally executes the hardest assessments while owning the engagements and projects around them. You'll set the technical direction on the work you lead, mentor testers across the team, and own client contracts end to end, all without ever stepping away from the bench. If you've built the depth to find the bugs others miss and the judgment to guide an engagement from scope to delivery, this role was built for you.

We believe AI and automation are reshaping how security work gets done. Candidates who actively leverage LLMs and AI tooling to sharpen efficiency and accelerate research will have a distinct advantage here. Candidates also must take a leading role in shaping our VSEC platform, tooling, and roadmap through direct feedback.

Responsibilities

We are looking for a relentless Senior Offensive Security Lead to anchor our Red Team. You won't just scan for vulnerabilities — you will reverse engineer, fuzz, and exploit embedded ECUs, telematics units, and vehicle network architectures, and you'll set the standard for how that work gets done. You'll pair manual "car hacking" grit with our automated VSEC Test platform to deliver deep, compliant analysis to OEMs and suppliers, while owning the engagements and mentoring the engineers around you. If you're a senior researcher who still loves pulling apart hardware and refuses to let leadership pull you off the keyboard, you belong at Block Harbor.

  • Engagement & Project Ownership: Own assessments end to end — scoping customer requirements, authoring proposals, driving execution, and serving as the technical point of contact for the contracts and projects you lead.
  • Hands-On Offensive Testing: Personally execute activity-based penetration tests across physical and wireless vehicle interfaces — including CAN/CAN-FD, LIN, Automotive Ethernet, UDS, DoIP, Bluetooth, Wi-Fi, and Web APIs. This is a doing role, not a watching role.
  • Technical Leadership & Mentorship: Set the methodology and technical direction on your engagements, raise the bar for testing quality across the team, and mentor junior and mid-level testers through hands-on coaching and review.
  • Firmware & Software Reversing: Reverse engineer and perform binary composition analysis on embedded vehicle controllers to surface configuration flaws, logic bugs, and memory corruption vulnerabilities.
  • Automated & Manual Fuzzing: Apply advanced fuzzing techniques to expose vulnerabilities and weaknesses in vehicle communication stacks and diagnostic services.
  • VSEC Platform Utilization: Leverage Block Harbor's VSEC platform to accelerate execution and centralize test management — and help shape the VSEC platform, tooling, and roadmap through direct feedback.
  • Reporting & Remediation Support: Produce and review client-ready penetration test reports mapped to relevant regulatory frameworks (ISO/SAE 21434, UN R155, NIST). Present findings directly to customer engineering and leadership teams, clearly communicating technical risk and prioritized mitigation strategies.

  • Community & Research: Represent Block Harbor in the broader automotive security ecosystem — including ASRG, DEF CON Car Hacking Village, and SAE International committees — through ongoing security research and thought leadership.

Required Qualifications

  • Experience: 5+ years of professional experience in offensive security, penetration testing, or security assessments, with significant time spent in the automotive, embedded systems, or IoT domains. Comfortable engaging directly with customer stakeholders and presenting technical findings.
  • Engagement Leadership: A proven track record leading penetration testing engagements end to end — scoping, proposing, executing, and owning the client relationship through delivery.
  • Protocols & Architecture: Deep, hands-on expertise with vehicle electrical/electronic (E/E) architectures and protocols, particularly CAN/CAN-FD, UDS, DoIP, and Automotive Ethernet.
  • Tools of the Trade: Strong proficiency with hardware and network tools including Wireshark, Vector CANalyzer/CANoe, Ghidra, IDA Pro, JTAG/SWD debuggers, and software fuzzers.
  • AI and LLM: Hands-on experience applying AI and LLMs in a security or research context.
  • Standards Knowledge: Solid working knowledge of automotive cybersecurity compliance frameworks, specifically ISO/SAE 21434 and UN R155.
  • Mindset: Curiosity, a sharp problem-solving instinct, and a collaborative approach that embodies our "full throttle collaboration" culture — including a willingness to mentor and elevate those around you.
  • Travel: Willingness to travel internationally.

Preferred / Nice-to-Have

  • Experience mentoring or technically guiding other security engineers
  • Experience with cloud platforms and API security
  • Published research, CVEs, or conference presentations in the embedded/automotive security space
