Senior Security Consultant - Hardware and Embedded Security
Fox-IT
Other Engineering, IT
Posted on May 29, 2026
Senior Security Consultant – Hardware and Embedded Security
Location: Waterloo, Canada
Thanks for checking out our latest opportunity. We’re thrilled that YOU are considering joining our team!
We’re NCC Group – a global leader in security consulting with a relentless passion for cutting-edge research and technical excellence. Security isn’t just what we do; it’s who we are. Our culture thrives on collaboration, continuous learning, and a deep commitment to delivering outstanding results. At NCC Group, we don’t just identify vulnerabilities – we’re shaping the future of security, and we need someone like you to help us do it.
Location: Waterloo, Canada
Thanks for checking out our latest opportunity. We’re thrilled that YOU are considering joining our team!
We’re NCC Group – a global leader in security consulting with a relentless passion for cutting-edge research and technical excellence. Security isn’t just what we do; it’s who we are. Our culture thrives on collaboration, continuous learning, and a deep commitment to delivering outstanding results. At NCC Group, we don’t just identify vulnerabilities – we’re shaping the future of security, and we need someone like you to help us do it.
We’re on the lookout for an experienced Security Engineer or Researcher to join our Hardware and Embedded Security consulting practice.
- Department
- Cyber Services and Capabilities
- Employment Type
- Full Time
- Location
- CAN Waterloo
- Workplace type
- Hybrid
Key Accountabilities
What you’ll do:
As a Senior Security Consultant, you’ll be the technical lead on complex projects, driving security assessments and providing expert advice to clients. Your main responsibilities will include:
As a Senior Security Consultant, you’ll be the technical lead on complex projects, driving security assessments and providing expert advice to clients. Your main responsibilities will include:
- Conducting in-depth penetration testing, code reviews, and security analysis.
- Leading research and reverse engineering efforts on emerging technologies and attacks.
- Guiding clients through secure design practices such as threat modelling and attack surface enumeration.
- Mentoring junior team members and contributing to internal tools and research initiatives.
- Working on diverse projects, often remotely, but with travel to client sites when needed.
Skills
To be successful in this role, you should have
- Solid experience in software or hardware security
- In-depth technical expertise in driver code auditing, bootloaders, secure boot, and embedded system architectures
- Proficiency in C/C++ for security-focused code review
- A solid understanding of firmware reverse engineering and security analysis
- Strong communication skills – you’ll need to explain complex vulnerabilities to clients in clear terms
- A Bachelor’s degree in Computer Science, Engineering, or a related field is desirable.
Additionally, it is highly beneficial if you have experience with any of the following:
- Cryptography knowledge
- Black-box reverse engineering
- Familiarity with UEFI platform firmware, ARM/x86 architectures, and secure boot architectures
- Experience with SDR, wireless protocols (Bluetooth, Wi-Fi, ZigBee, etc.), or storage controllers like NVMe, SATA, and eMMC.
Benefits
What do we offer in return?
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
- Flexible Working: Balance your work and personal life with our flexible working options.
- Holiday Allowance: Enjoy 20 days of holiday, plus and additional floating day to choose at your leisure
- Pension, Medical and Dental cover as well as Life Assurance
- Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
- Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
- Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
About NCC Group
We assess, develop and manage cyber threats across our increasingly connected society. We advise global technology, manufacturers, financial institutions, critical national infrastructure providers, retailers and governments on the best way to keep businesses, software and personal data safe.
With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.
We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.
Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.
With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.
We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.
Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details, you can utilise the Manage Your Data tool provided by Pinpoint or contact us directly at: global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Notice.
We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.
If you do not want us to retain your details, you can utilise the Manage Your Data tool provided by Pinpoint or contact us directly at: global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Notice.
We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.
Not quite right? Register your interest to be notified of any roles that come along that meet your criteria.
