Responsibilities
- Reverse engineering software to discover the root cause analysis (RCA) of vulnerabilities.
- Authoring original software exploits for initial access vulnerabilities, when little or no publicly-available proof of concept code for exploiting such vulnerabilities exists.
- Implementing detections (such as Suricata & Snort signatures, YARA rules, etc.) for identifying such initial access vulnerabilities being exploited on the wire
- Writing Attack Surface Management (ASM) queries (e.g., Shodan, Census, FOFA, & ZoomEye) for finding vulnerable systems likely to be targeted
Requirements
- Prior experience with writing exploit code for RCE / initial access vulnerabilities (that do not require authentication to exploit)
- Experience working on technical projects remotely, alone, and on small teams
Nice to Have
- Prior Cybersecurity work experience (at a vendor or in Government).
- Able to share example exploit code written.
Benefits
- Competitive salary with employee equity program
- Health, dental, and vision coverage
- Unlimited PTO
- Pension Contribution
- Remote friendly environment with flexibility
- Expense reimbursement for home internet and phone
- Ongoing professional development, coaching, and learning resources
- Opportunities for career advancement within a fast-growing team
Team
Structure: Initial Access Intelligence team
Additional Information
- This position may involve access to technology subject to U.S. export control regulations. Employment is contingent upon the company's ability to authorize access under applicable export control, sanctions, and any other applicable legal or contractual requirements. The company does not guarantee and is under no obligation to seek such authorization if it would be necessary.
