Job Description

‍ Work as a Product Vulnerability Researcher for a complex security platform to identify flaws in hardware and software. Utilize the latest techniques in vulnerability/exploit research for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and decisively taking action to mitigate emerging threats throughout a full secure development life cycle (SDLC). Help design security controls and validate that our services, applications, and emerging technologies are designed and implemented to the highest security standards.

‍ REQUIRED QUALIFICATIONS:

• 5+ years of experience developing security tools and penetration testing scripts
• 5+ years of experience performing application and infrastructure penetration testing to discover and exploit vulnerabilities
• Experience with modern exploitation techniques, exploit mitigation techniques, and software protections or binary armoring
• Experience with software development and testing in Python, Java, JavaScript, C/C++, or ASM
• Knowledge of OS Internals
• Knowledge of the system engineering life cycle, including security architecture, software security, intrusion detection, and defensive countermeasures
• Ability to develop detailed technical documentation describing identified vulnerabilities, associated impact as well as recommendations
• HS diploma or GED
• Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information

DESIRED QUALIFICATIONS:

• Experience with offensive security research & development and maintaining both an on-premise and cloud-hosted attack lab environment
• Knowledge of Red Team concepts and adversarial tradecraft against physical and software defined networking, operating systems, web applications, databases, and modern container orchestration frameworks
• Knowledge of the Penetration Testing Execution Standard (PTES)
• Knowledge of MITRE ATT&CK Framework and its application
• Knowledge of Linux/Red Hat preferred
• Knowledge of IT concepts, including Active Directory, TCP/IP, 802.11x, IPSEC, ICAM, Cryptography, and Cloud
• Ability to develop custom tools and tradecraft to automate tasks
• Ability to communicate upwards and to peers and presenting technical subjects to non-technical audiences
• TS/SCI clearance with a full scope polygraph
• OSCP, OSWP, OSEP, OSCE, OSWA, or OSWE Certification

CLEARANCE:

• TS/SCI minimum

Job Tags

Similar Jobs