Desired Skills and Experience
- Web application exploit analysis, such as file include or SQL injection vulnerabilities
- Web application technologies like Ruby on Rails, Django, PHP and JS
- Web application security tools such as mod_security
- Working within cross-functional research and product teams
- Linux/UNIX systems, both high and low level
- TCP/IP networking, in particular HTTP networking
- Familiarity with the OWASP Core Ruleset and mod_security ruleset
- Exploit reverse engineering
- Log and packet dump analysis
- Regular expressions and policy engines
- Coding experience, including languages such as Python, R, Julia, Java or Scala, or the like