Desired Skills and Experience

  • Research newly published vulnerabilities and security advisories in order to determine safe and reliable methods of detection and exploitation
  • Develop plugins for the Nessus vulnerability scanner based on research findings
  • Research and develop methods of detection for currently unsupported services and products
  • Perform original research by looking for vulnerabilities in software popular with our customers, coordinating disclosures, and providing plugins to detect these findings
  • In depth understanding of common security vulnerabilities, detection and exploitation techniques
  • Demonstrably strong programming skills in at least one language.
  • Knowledge on the operation and management of network services
  • Protocol analysis and interaction
  • Experience with search engines such as Shodan and Censys.
  • Experience with git version control
  • Ability to operate independently with little supervision as well as collaborate and work with others
  • Ability to self-educate and keep up to date with current exploitation methods
  • Outstanding written and verbal communication skills
  • Ability to work within a virtualized lab environment
  • Experience working with multiple operating systems (proficiency with Linux a must)
  • Strong attention to detail and able to frequently shift priorities as needed
  • B.S. degree in Computer Science or a related field
  • 2-4 years of development experience
  • Some reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk)
  • Experience with C, C++, Assembly (x86/x64 and/or ARM/ARM64) and scripting languages
  • Fuzzing experience
  • Proven experience researching vulnerabilities or participating in bug bounty programs or other security related activities
  • Experience with pentesting, researching, discovering, or publishing vulnerabilities
  • Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb)
  • One or more security related certifications (e.g. OSCP)
  • Experience with CVSS scoring or vulnerability classification
  • Experience with systems administration and be comfortable working at the command line

Apply