Expert Vulnerability Researcher with CVE.
Looking for a candidate who has a track record of Vulnerability Research (based on products developed, conference presentations, CVEs reported, or having held research positions at prominent research orgs such as .gov, Raytheon, MIT Lincoln Labs, niche security consulting shops, etc.).
Ideal candidate will have additional skillsets like: Azure, Oracle Cloud, web platforms (specifically Java and Node/React, on the research side, not OWASP). Someone who has published research or presented at a conference on web application security (e.g., OAuth, SAML, web platform security bugs), and/or enterprise product vulnerability research.
All candidates should have experience developing in multiple languages and be able to find bugs in closed source products (i.e., via reverse engineering).
The Vulnerability Researcher role is responsible for analyzing systems, software, and security strategies to discover previously unknown vulnerabilities to proactively identify and mitigate emerging threats. This is accomplished by performing manual and automated source code review, binary analysis, vulnerability assessments, threat modeling, and security architecture review. This role requires research into the latest threat actors, attack vectors, and offensive security techniques. Development of custom tooling and automation will be required to supplement manual vulnerability discovery. You must be an application, penetration, code-testing EXPERT. Somebody who can call into the code and punch holes from the inside-out.
- 7+ years of work experience in the Cyber Security industry
- Bachelor’s Degree in Computer Science or Management Information related field, or equivalent work experience
- Understanding of all phases of adversary emulation operations including reconnaissance, social engineering, exploitation, post-exploitation, covert techniques, lateral movement, and data exfiltration
- Extensive experience in offensive cybersecurity roles, such as red teaming, penetration testing (e.g., web, infrastructure, cloud), and purple team exercises in cloud and on-prem environments
- A robust understanding of contemporary security theory and application exploitation techniques and attack vectors (including the vulnerability lifecycle and scanning methodologies (SAST, DAST, IAST, RASP))
- Experience developing and managing testing methodologies that adhere to common security guidelines such as OWASP and frameworks such as NIST 800 or MITRE ATT&CK
- A solid understanding of computer architecture and organization with respect to binary analysis and exploitation
- Ability to analyze, create, and debug shellcode and other low-level exploits
- Experience developing custom security (either offensive or defensive) software in one or more compiled languages
- Demonstrated abilities to reverse engineer binaries, enumerate vulnerabilities in compiled software, and provide working exploits (e.g., CVEs, public acknowledgements, or ability to demonstrate on demand)
- Familiarity with automated security analysis and fuzzing tools (e.g., AFL and Peach)
- Demonstrated ability to discover vulnerabilities via static analysis and source code review
- A working understanding of key programming languages and frameworks (e.g., Java, Node.js, Python, JSP, etc.), including the ability to pick up new languages quickly, understand the security implications of those languages, and enumerate vulnerabilities in custom-developed software packages that leverage those languages
- Familiarity with scripting/programming in Python, PowerShell, or C# with the ability to create and customize tools
- Must have Reverse Engineering and Binary Analysis experience