Connecting to LinkedIn...

Vulnerability Research Engineer

Job Title: Vulnerability Research Engineer
Contract Type: 正社員
Location: Tokyo
Industry:
Salary: 7 - 13 Million Yen Annually
Start Date: ASAP
REF: 784943
Contact Name: Christian Morner
Contact Email: christian@visionconsulting.jp
Job Published: 6ヶ月 前

Job Description

Company Description

Our Client is the Cyber Exposure company. Over 24,000 organizations around the globe rely on them to understand and reduce cyber risk. As the creator a vulnerability scanner, Our client extended its expertise in vulnerabilities to deliver their platform, the world’s first platform to see and secure any digital asset on any computing platform. Our client’s customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies.


Job Summary

Our client is looking for an engineer to join their research team. This position will involve researching existing vulnerabilities, looking for new vulnerabilities, and developing scripts to detect vulnerabilities. The development will be in Nessus Attack Scripting Language (NASL), although experience in NASL programming is not required.


Primary Job Responsibilities

  • Research newly published vulnerabilities and security advisories in order to determine safe and reliable methods of detection and exploitation

  • Develop plugins for our client’s vulnerability scanner based on research findings

  • Research and develop methods of detection for currently unsupported services and products

  • Perform original research by looking for vulnerabilities in software popular with our customers, coordinating disclosures, and providing plugins to detect these findings

 

Required Skills

  • In depth understanding of common security vulnerabilities, detection and exploitation techniques

  • Demonstrably strong programming skills in at least one language.

  • Knowledge on the operation and management of network services

  • Protocol analysis and interaction

  • Experience with search engines such as Shodan and Censys.

  • Experience with git version control

  • Ability to operate independently with little supervision as well as collaborate and work with others

  • Ability to self-educate and keep up to date with current exploitation methods

  • Outstanding written and verbal communication skills

  • Ability to work within a virtualized lab environment

  • Experience working with multiple operating systems (proficiency with Linux a must)

  • Strong attention to detail and able to frequently shift priorities as needed

 

And Ideally

  • B.S. degree in Computer Science or a related field

  • 2-4 years of development experience

  • Some reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk)

  • Experience with C, C++, Assembly (x86/x64 and/or ARM/ARM64) and scripting languages

  • Fuzzing experience

  • Proven experience researching vulnerabilities or participating in bug bounty programs or other security related activities

  • Experience with pentesting, researching, discovering, or publishing vulnerabilities

  • Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb)

  • One or more security related certifications (e.g. OSCP)

  • Experience with CVSS scoring or vulnerability classification

  • Experience with systems administration and be comfortable working at the command line