Security testing and research including development of tools for vulnerability discovery, analysis and mitigation during Application and Network Protocol testing. Development of fuzzers or fuzzer modules and analysis tools to identify new vulnerabilities in software or firmware. Development of static and run-time analysis tools to determine the cause and conditions related to a vulnerability. Vulnerability triage and proof of concept / exploit development to support the creation of detection content. Additional responsibilities include publishing open source tools, papers, presentations, and blog posts.
- Perform software security analysis and research to discover new vulnerabilities.
- Create tools for the discovery and triage and demonstration of vulnerabilities.
- Write detailed technical advisories on new vulnerabilities and findings.
- Develop proof of concept exploits for testing IPS and IDS effectiveness.
- Perform patch analysis to find and trigger vulnerabilities.
- Reverse engineer binary applications, protocols and formats.
- Demonstrate leadership with the security community.
Education and Work Experience
- Demonstrable experience with vulnerability research required;
- Bachelor's degree in CS, CE, or Mathematics preferred;
- Development background will be considered.
- Exceptional analytical skills and problem solving skills;
- Good organization, decision making and verbal and written communication skills;
- Ability to work independently with minimum supervision and to take on additional tasks as required;
- Ability to work with small teams to solve complex problems;
- A drive to succeed and a passion to solve difficult problems.
- Extensive experience in the majority of the following is required
- C/C++ proficiency, both in reviewing code and for tool development/maintenance;
- Python or some other scripting language for tool development;
- Windows, Linux and/or Mac OS X System API and ABI;
- Common file format and network protocol structures;
- Binary auditing and reverse engineering (x86/x64 assembler as a minimum);
- IDA Pro or Binary Ninja, including plugin development;
- Burp Suite or MITM, including plugin development;
- Compiler plugins or program analysis algorithms;
- Runtime binary instrumentation tools such as PIN, DynamoRIO, Frida etc.
- Possibility of working together with the top-edge professionals in a high-performing and very effective business unit;
- Our best people’s time and resources so that you can grow professionally and as a person;
- Free Schengen visa;
- Medical insurance;
- Working place in the city center;
- 28-day paid vacation;
- 100% paid sick leave (2 weeks);
- Compensation for contact lenses and eyeglasses;
- Fitness compensation;
- Free certification;
- Participation in international conferences.