Vulnerability Research Engineer

  • Full Time
  • Global

Website cyberwarzonecom Confidential

A Vulnerability Research Engineer is a person who is part of a research team. The research team in in turn responsible for research and analysis of new exploits.

Qualifications include:

  • An extensive knowledge of C/C++, python, assembly language or additional scripting and programming languages.
  • An Master of Science of Bachelor of Science degree in Computer Science.
  • Some companies require at least one of two years of experience within the industry.
  • Some companies require specific experience with system security and/or de-bugging experience in C (Unix and/or Windows environments).
  • Relevant experience involving WinDbg or OllyDbg, BinDiff and IDA Pro.
  • In-depth knowledge of various TCP and/or IP protocols (sometimes a specific focus is required on CIFS, MSRPC and SMB).
  • Experience with signature development and penetration testing, along with writing exploit code.
  • Knowledge of fault injection frameworks or fuzzing and virtualization.

Job Duties List
Job duties of a vulnerability security research engineer can differ, depending on the specific company or institution the individual may by employed by, but general job duties often include requirements to:

  • Review, isolate, analyze and then reverse-engineer programs that are vulnerable or malicious code in order to determine and understand the specific nature of the threat.
  • Document the specific attack capabilities of the specimen (code, virus, etc.) and understand the concept of exploitation scenario.
  • Create a detailed technical report concerning the treat, along with PoC code.
  • Provide detection guidance to other team members or additional security teams in a timely manner.
  • Stay on top of the ‚Äúvulnerability landscape‚ÄĚ and be up-to-date on current attacks or potential attacks and prepare counter-measures (if possible) to thwart those attacks or at least be prepared for them.
  • Analyze common network services and software applications in order to discover new and potential vulnerabilities.

To apply for this job please visit cyberwarzone.com.