Job Details

ID #5146573
Estado Arizona
Ciudad Phoenix
Tipo de trabajo Permanent
Salario USD Depends on Experience Depends on Experience
Fuente Prosum
Showed 2020-10-24
Fecha 2020-10-20
Fecha tope 2020-12-18
Categoría Seguridad
Crear un currículum vítae

Security Researcher

Arizona, Phoenix, 85001 Phoenix USA

Vacancy caducado!

POSITION OVERVIEW:This division consists of a team of technical leaders that deliver advanced technical solutions to government organizations. This position will be responsible for researching and cataloging code vulnerabilities and injection exploits. You will use these examples to build signatures and train machine learning models for detection and alerting. This position will be for someone with security skills who is an expert in how to find, fix, and prevent vulnerabilities in our software. JOB RESPONSIBLTIES:

  • Conduct code reviews of products built in C/C, Go, Python
  • Find and fix security and privacy flaws in our software
  • Design and review security-related functionality such that we can maintain crypto-boundaries and compliance with FIPS 140-2
  • Develop tools to automate security testing and enable more efficient discovery and resolution of security problems
  • Guide teams on adoption and execution of a Secure Product Life Cycle
  • Maintain awareness of up-to-date threat and vulnerability profiles
  • Research into vulnerabilities, exploits, and malware techniques, especially related to code injection and remote exploits
  • Develop analysis techniques and mechanisms using various methods, including reputation, static, dynamic, and anomaly based, machine learning
  • Collect open source information for aggregation into our intelligence repository
REQUIRED SKILLS:
  • Expert-level understanding of post-exploit behaviors, forensic artifacts, and security controls
  • Familiarity with programming skills in Python or a similar language. Familiarity with development tools such as Git and Jira.
  • A deep understanding of computer systems, networks, and protocols
  • Experience in analytic development for OS-agnostic malicious behavior detection including basic techniques such as outlier detection. Knowledge or experience of machine learning applied to the information security domain is a major plus.
  • Solid programming skills in C, C, Go, Python,
  • Security code review, analysis and vulnerability assessment skills
  • Code obfation techniques
  • Understanding of malware construction, usage, and detection techniques.
REQUIRED EXPERIENCE:
  • Bachelor degree in computer science, engineering or a related discipline,
  • A minimum of 3 to 5 years of experience working with web security, or an equivalent combination of education and work experience;
  • Deep knowledge of web application attack and mitigation techniques (XSS, CSRF, SQL Injection, and Session Management)
  • Deep knowledge of AWS and Azure environments, security best practices, attack and mitigation techniques
  • Knowledge of web security protocols
  • Knowledge of mobile applications attack and mitigation techniques
  • Experience auditing C/C source for vulnerabilities
  • Experience auditing assembly for vulnerabilities
  • Experience with a scripting language such as Python

Vacancy caducado!

Suscribir Reportar trabajo