Job Description :
The ideal candidate will have exceptional hands-on vulnerability research skills, be a strong team player, and actively participate in a fast-paced and challenging global environment. Candidates must be able to work independently and demonstrate exceptional organizational and time management skills.
Responsibilities:
What kind of Researcher? Inserted directly in the SDLC and Response work flows. Part of a team of about 3-5 based in Austin Texas.
May include but not limited to: Application, Mobile, Secure coding, Web Applications, Pre-Text, reverse malware engineering, application reverse engineering and BIOS
Most likely primary focus: application reverse engineering, BIOS reverse engineer and vul/pen research. Supporting the SDLC process and working to discover and remediate with new/existing code.
Customer Set: Primarily internal business units with executive briefings. May have to prepare and communicate with end customers if an event (i.e. strategic customer, incident response)
Responsible for discovering and exploiting vulnerabilities affecting Dell software and firmware
Develop and maintain tools to assist in vulnerability research and exploit development
Participate in or work directly on, additional projects, assignments or initiatives as required
Integrate information security controls into an environment to identify risks and reduce their impact
Provide analysis of potential information security risks and recommend solutions
Communicate information security procedures to the business
Escalate issues to vendors, security team, and engineering through standard escalation processes
Qualifications:
10+ years of Information Security experience
5+ years direct or equivalent experience in areas of vulnerability research, exploit development, reverse engineering and fuzzing
In-depth knowledge and experience with Windows Operating Systems Internals (Kernel, Registry, File system, Windows APIs)
Knowledge of Windows development (C/C++/C user mode and kernel mode applications
Experience in vulnerability research, exploit development, reverse engineering and kernel debugging
Competency with any of the following tools: User and kernel-mode debuggers (WinDbg, OllyDbg/Immunity Debugger), IDA Pro, Hex-Rays, Visual Studio, Driver Verifier
Desired Qualifications:
Candidates possessing the following will be given preferential consideration
Bachelor of Science in Computer Science, Computer Engineering, or Electrical Engineering or a related technical field or equivalent professional experience
Experienced programming using x86/x64 assembly C, C++, and Python (or a comparable scripting language)
Familiar with the Metasploit framework
Source code review for control flow and security flaws
Have published security research or security bug
Possess excellent communication skills in English, both written and verbal
Excellent problem solving skills with the ability to diagnose and troubleshoot technical issues
Customer-oriented with a strong interest in customer satisfaction