Purple Teaming Engineer - Embedded Security
Indexed description
The ideal candidate will have practical experience with SOC operations, adversary simulation, detection engineering, and security testing across embedded or cloud-connected systems.
You will play a key role in executing threat emulation, automating adversary TTPs, and enhancing detection capabilities in collaboration with Red and SOC team.
Experience with vehicle SOC and security operations is a plus.
Key Responsibilities
- Operationalize Purple Team and Attack Simulation exercises across embedded and cloud-connected systems.
- Develop and execute adversary simulation plans that align with threat intelligence.
- Collaborate with Red and Blue teams to identify detection gaps and improve SOC effectiveness.
- Identify relevant log sources across assets, ECUs, and infrastructure; document the type, location, and format of logs required for effective cybersecurity anomaly detection.
- Regularly review the availability, completeness, and integrity of logs; highlight gaps and work with asset/ECU owners to ensure alignment with best security logging practices.
- Share recommendations with system and asset owners on required logging improvements, event visibility, and adherence to secure logging practices.
- Support offensive testing across RTOS, Linux, Android, and MCU-based systems.
- Draft and present technical reports and summaries of Purple Team activities to technical and management stakeholders.
- Communicate findings, detecting weaknesses, meeting the logging requirements and prioritized remediation strategies. Collaborative Objectives:
- Work closely with SOC & Red teams to convert threat intel into actionable TTPs and test cases.
- Support SOC operations and help validate detection logic with real-world simulations.
- Assist in control validation, SIEM optimization, and threat modeling automation.
- Provide mentorship to junior team members on simulation workflows and embedded systems.
- Contribute to the ongoing development of the team’s offensive and defensive testing capabilities.
- Bachelor's Degree in Cybersecurity, Information Security, Computer Science, or Information Technology and at least 5 years of professional experience.
- Strong knowledge of MITRE ATT&CK, threat simulation tools, and detection principles.
- Experience working with embedded Linux, Android systems, RTOS, or MCU platforms.
- Familiarity with SIEM systems (e.g., Splunk, ELK), log analysis.
- Proficiency in scripting/automation using Python.
- Exposure to network security, including packet analysis and custom protocol fuzzing.
- Exposure with vehicle communications (CAN, UDS, DoIP, BLE, MQTT, etc.).
- Strong technical writing and communication skills for documentation and stakeholder engagement. Preferred Qualifications:
- Experience in vehicle cybersecurity/SOC or embedded threat detection.
- Familiar with tools like Burp Suite, Ghidra, Binwalk, or custom fuzzers.
- Experience simulating or detecting low-level attacks, including firmware tampering, memory corruption, and secure boot bypasses.
- Understanding of cloud security architecture related to embedded platforms.
- Working knowledge of SIEM solutions, telemetry pipelines, and threat hunting frameworks.
Equal Opportunity: At Lucid, we believe diversity strengthens everything we build. Lucid Motors is proud to be an equal opportunity employer and is committed to providing an inclusive workplace for all. We consider all qualified applicants without regard to race, color, national or ethnic origin, age, religion, disability, sexual orientation, gender, gender identity or expression, marital status, or any other characteristic protected by applicable state or federal laws and regulations.
Accessibility: Lucid Motors is committed to providing reasonable accommodations for qualified individuals with disabilities. If you need any accommodation to participate in the application process, please contact us at TA-Operations lucidmotors.com. This email address is designated solely for accommodation requests and is not monitored for job applications or resume submissions. To be considered for employment, all applications must be submitted through the Lucid Motors Careers website.
Candidate Data Privacy: By submitting your application, you understand and agree that your personal data will be processed in accordance with our Candidate Privacy Notice.
To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to Lucid Motors. Lucid Motors is not responsible for any fees related to unsolicited resumes.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search