Connecting to LinkedIn...

Vulnerability Research Engineer

ポジション名: Vulnerability Research Engineer
雇用形態: 正社員
勤務地: Tokyo
職種:
給与: 7 - 13 Million Yen Annually
開始日: ASAP
リファレンス: 784943
担当者名: Christian Morner
連絡メールアドレス: christian@visionconsulting.jp
求人公開日: October 04, 2018 11:05

求人要項

Company Description

Our Client is the Cyber Exposure company. Over 24,000 organizations around the globe rely on them to understand and reduce cyber risk. As the creator a vulnerability scanner, Our client extended its expertise in vulnerabilities to deliver their platform, the world’s first platform to see and secure any digital asset on any computing platform. Our client’s customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies.


Job Summary

Our client is looking for an engineer to join their research team. This position will involve researching existing vulnerabilities, looking for new vulnerabilities, and developing scripts to detect vulnerabilities. The development will be in Nessus Attack Scripting Language (NASL), although experience in NASL programming is not required.


Primary Job Responsibilities

  • Research newly published vulnerabilities and security advisories in order to determine safe and reliable methods of detection and exploitation

  • Develop plugins for our client’s vulnerability scanner based on research findings

  • Research and develop methods of detection for currently unsupported services and products

  • Perform original research by looking for vulnerabilities in software popular with our customers, coordinating disclosures, and providing plugins to detect these findings

 

Required Skills

  • In depth understanding of common security vulnerabilities, detection and exploitation techniques

  • Demonstrably strong programming skills in at least one language.

  • Knowledge on the operation and management of network services

  • Protocol analysis and interaction

  • Experience with search engines such as Shodan and Censys.

  • Experience with git version control

  • Ability to operate independently with little supervision as well as collaborate and work with others

  • Ability to self-educate and keep up to date with current exploitation methods

  • Outstanding written and verbal communication skills

  • Ability to work within a virtualized lab environment

  • Experience working with multiple operating systems (proficiency with Linux a must)

  • Strong attention to detail and able to frequently shift priorities as needed

 

And Ideally

  • B.S. degree in Computer Science or a related field

  • 2-4 years of development experience

  • Some reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk)

  • Experience with C, C++, Assembly (x86/x64 and/or ARM/ARM64) and scripting languages

  • Fuzzing experience

  • Proven experience researching vulnerabilities or participating in bug bounty programs or other security related activities

  • Experience with pentesting, researching, discovering, or publishing vulnerabilities

  • Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb)

  • One or more security related certifications (e.g. OSCP)

  • Experience with CVSS scoring or vulnerability classification

  • Experience with systems administration and be comfortable working at the command line