Principal Vulnerability Security Researcher

Permanent
Dubai
Posted 5 years ago

Role

As a Principal Vulnerability Security Researcher, you will:  Lead large security projects and analyze complex applications to understand how they work, where they have weaknesses and demonstrate how identified vulnerabilities can be exploited by developing Proof-of-Concepts.

 

Responsibilities

  • Conduct research on new techniques, security mitigation and identify zero-day vulnerabilities
  • Produce security advisories to vendors, write technical blog posts, present at conferences and create white papers
  • Deliver security reports by performing security audits
  • Mentor and coach colleagues in your area of expertise
  • Nurture relationships with clients
  • Improve testing methodologies
  • Develop security tools
  • Be a valued member in a great team of security experts and work in a lab environment
  • Expert in reverse engineering, vulnerability discovery, triaging, mitigation and exploitation
  • Excellent knowledge of system internals including kernel architecture and memory management
  • Experienced with fuzzing frameworks, such as: AFL, WinAFL, ClusterFuzz, LibFuzzer and Honggfuzz
  • Extensive experience in vulnerability analysis, patch analysis and determining exploitability using tools like: WinDBG, IDA Pro, Radare2, GDB and Binary Ninja
  • Substantial knowledge of dynamic tools that detect bugs during project execution: AddressSanitizer, Valgrind, VTrace, pydbg and pykd
  • In-depth knowledge of dynamic binary translation and tool development using frameworks such as DynamoRIO, PIN and DynIns
  • Expertise in one or more programming languages
  • Experience working with secure coding methodology, best practices and their implementation within engineering teams
  • Proven participation in disclosure of vulnerabilities, blog, capture the flag events, conference presentations and bug bounty programs would be an advantage
  • Strong foundations in computer architecture, network, web technologies, Operating Systems or embedded systems
  • Excellent written and verbal communication skills; including the ability to convey highly technical information to non-technical audiences

Job Features

Job CategoryTechnology
QualificationDegree in computer science, computer engineering, electrical engineering or obtained relevant security certifications
Experience10+ years in professional vulnerability research
SkillsExcellent communication. Ability to get on with people at all levels and influence them. Strong problem-solving and creative skills. Ability to stay calm under pressure and keep to deadlines. Possess strong negotiation techniques. Teamworking and Leadership skills
ProficiencyExpertise in one or more programming languages

Apply Online

A valid email address is required.
A valid phone number is required.

Your personal data will be used to support your experience throughout this website, to manage access to your account, and for other purposes described in our Privacy Policy.