06 Feb Principal Vulnerability Security Researcher
Posted at 19:30h
in
Permanent
Dubai
Posted 6 years ago
Role
As a Principal Vulnerability Security Researcher, you will: Lead large security projects and analyze complex applications to understand how they work, where they have weaknesses and demonstrate how identified vulnerabilities can be exploited by developing Proof-of-Concepts.
Responsibilities
- Conduct research on new techniques, security mitigation and identify zero-day vulnerabilities
- Produce security advisories to vendors, write technical blog posts, present at conferences and create white papers
- Deliver security reports by performing security audits
- Mentor and coach colleagues in your area of expertise
- Nurture relationships with clients
- Improve testing methodologies
- Develop security tools
- Be a valued member in a great team of security experts and work in a lab environment
- Expert in reverse engineering, vulnerability discovery, triaging, mitigation and exploitation
- Excellent knowledge of system internals including kernel architecture and memory management
- Experienced with fuzzing frameworks, such as: AFL, WinAFL, ClusterFuzz, LibFuzzer and Honggfuzz
- Extensive experience in vulnerability analysis, patch analysis and determining exploitability using tools like: WinDBG, IDA Pro, Radare2, GDB and Binary Ninja
- Substantial knowledge of dynamic tools that detect bugs during project execution: AddressSanitizer, Valgrind, VTrace, pydbg and pykd
- In-depth knowledge of dynamic binary translation and tool development using frameworks such as DynamoRIO, PIN and DynIns
- Expertise in one or more programming languages
- Experience working with secure coding methodology, best practices and their implementation within engineering teams
- Proven participation in disclosure of vulnerabilities, blog, capture the flag events, conference presentations and bug bounty programs would be an advantage
- Strong foundations in computer architecture, network, web technologies, Operating Systems or embedded systems
- Excellent written and verbal communication skills; including the ability to convey highly technical information to non-technical audiences
Job Features
| Job Category | Technology |
| Qualification | a:2:{s:5:"label";s:13:"Qualification";s:5:"value";s:117:"Degree in computer science, computer engineering, electrical engineering or obtained relevant security certifications";} |
| Experience | a:2:{s:5:"label";s:10:"Experience";s:5:"value";s:48:"10+ years in professional vulnerability research";} |
| Skills | a:2:{s:5:"label";s:6:"Skills";s:5:"value";s:264:"Excellent communication. Ability to get on with people at all levels and influence them. Strong problem-solving and creative skills. Ability to stay calm under pressure and keep to deadlines. Possess strong negotiation techniques. Teamworking and Leadership skills";} |
| Proficiency | a:2:{s:5:"label";s:11:"Proficiency";s:5:"value";s:46:"Expertise in one or more programming languages";} |
| Additional Certifications | a:2:{s:5:"label";s:25:"Additional Certifications";s:5:"value";s:0:"";} |