Software Security Researcher
UAE, Abu Dhabi,Abu Dhabi
منذ 3 يوم
source :

Job Role : Software SecurityResearcher

Asan Software SecurityResearcher , you will :

  • Worked on medium to large security projects
  • Analyze applications to understand how they work, wherethey have weaknesses and demonstrate how identified vulnerabilitiescan be exploited by developing Proof-of-Concepts
  • Assist management with certain requests
  • Deliver security reports by performing securityaudits
  • Nurture relationships with allclients
  • Improve testingmethodologies
  • Perform technical QA on securityreports
  • Scope security assessments
  • Develop custom scripts for vulnerability discovery duringprojects
  • Write comprehensive securityassessment reports for developers and upper management
  • Collaborate with a great team of security experts andwork in a lab environment
  • What you’llneed :

  • A degree in Computer Science,Computer Engineering or Electrical Engineering or obtained relevantsecurity certifications
  • 4+ years of experiencein Security Research and Professional work
  • Deep understanding of various software securityvulnerabilities, threats and attack vectors on differentenvironments, and reverse engineering
  • Researchexperience in software and / or devices such as Operating Systems,ICS, smart cards, web servers, Smartphones, email servers, webapplications, clients and readers etc.
  • Software development experience in at least three ofthese languages : C / C++, C#, Java, JavaScript, PHP, ObjectiveC)
  • Proficient in one or more assemblylanguages (x86 / 64, ARM, etc )
  • Expertise in one or more scripting languages (e.g.,Python, GO or Ruby)
  • Foundation in computerarchitecture, network, web technologies, Operating Systems orembedded systems
  • Understanding of iOS orAndroid Internals on Application as well as OS / kernellevel
  • Has an understanding of the internals oniOS such as IPC (Mach, XPC), Code Signing, Sandboxing, dyld sharedcache etc
  • Understand the latest securitymitigations such as PAC, PPL, and CoreTrust
  • Experience in identifying zero-days, malicious codeincluding memory corruption bugs, for example : stack overflows,heap overflows, integer overflows, and logic flaws
  • Understanding of various software securityvulnerabilities, threats and attack vectors on differentenvironments, reverse engineering and mitigationtechniques
  • Experience in binary analysis,debugging and exploit development and the relevant mitigationtechniques for various class of vulnerabilities
  • Understanding of cryptography, protocol analysis, threatmodeling, vulnerability research and fuzzing
  • Foundation in iOS / Android development of native, web andhybrid apps
  • Experience of working with securecoding methodology, best practices and their implementation withinengineering teams
  • Proven participation inresponsible disclosure of vulnerabilities, blog, Capture the Flagevents, presented at known security conferences and Bug Bountyprograms would be an advantage
  • Strongfoundations in computer architecture, network, web technologies,Operating Systems or embedded systems
  • Excellent written and verbal communication skills;including the ability to convey highly technical information tonon-technical audiences
  • بلغ عن هذه الوظيفة

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    قدِّم طلب ترشيحك
    بريدي الالكتروني
    بالضغط على "واصل" ، أعطي موافقة neuvoo على معالجة بياناتي وإرسال تنبيهات إلي بالبريد الإلكتروني ، على النحو المفصل في سياسة خصوصية لـneuvoo . يجوز لي سحب موافقتي أو إلغاء الاشتراك في أي وقت.
    استمارة الطلب