As an Full Time employee - IT Security Reseacher you will be responsible for:
Expertise and experience in reviewing code and scan output for security issues.
Research new IT Security frontiers.
Conducts penetration testing and vulnerability assessments.
Performs advanced analysis and/or reverse engineering of suspect source code.
Writes scripts and develops software utilities to automate security analysis efforts.
Develops and maintains code used to find weaknesses in systems and to verify patch effectiveness.
Research, develop, implement, test and document tools, techniques and tactics used by adversaries to compromise and maintain control of information assets.
The Security Researcher will be responsible for identifying new threats.
To succeed in this role, you must possess a strong technical knowledge of web-based threats, have truly impressive scripting skills and live to identify the next attack vector, no matter how deep it’s hidden.
Researching new vulnerabilities in high-profile products.
Here's what we are looking for:
Bachelor's degree or the equivalent in experience.
Minimum 1-3 years of experience in IT Security.
Knowledge of vulnerabilities across various development platform and expertise with language specific vulnerability remediation measures.
Strong affinity for security research and development (exploits and tools).
Hands-on knowledge of common scanning tools as well as developing in house tools to improve delivery where necessary.
Expert level understanding of OWASP Top 10, SANS Top 25.
Strong understanding of Web and Mobile Application Security concepts, tools and technologies.
Strong knowledge of API and Web Services security and coding best practices.
Experience with penetration testing tools and technologies; application layer assessment tools, such as local proxies and fuzzers.
Experience with threat modelling and security design review methodologies.
Able to write own exploits.
Proficient in one or more general purpose development languages such as Python, Ruby, bash, or PowerShell.