SENIOR VULNERABILITY RESEARCHER

The role

Do you love tearing binaries apart? Does finding and exploiting critical vulnerabilities fill you with joy? Do you know your heap from your stack? Is being surrounded by smart and supportive peers really important to you?

If you answered ‘yes’ to these questions then we have something for you.

We have spent the last few years developing a highly technical and highly driven research team. Within that team, we have just created a new senior level position. We’d love the opportunity to help you develop your impressive skills even further.

You’ll find yourself engaging in cutting edge cyber security research alongside a high performing team of diverse and supportive peers.

If this sounds interesting, keep on reading. We’d love to welcome you to our team!

Apply Now!

Location

This role is remote and is open to applicants around the world.

What you’ll be doing

As a senior vulnerability researcher within our research team, you’ll primarily be:

Searching for directly exploitable vulnerabilities in desktop and mobile software commonly used to support large organizations, especially in Microsoft Windows.
Creating exploits for both internally and externally discovered vulnerabilities.
Reverse engineering patches in enterprise grade software in order to discover newly patched vulnerabilities.
Supporting the development of our Command & Control (C2) software, with a particular focus on developing payloads.
Creating content, such as blog posts, detailing your latest technical findings.
Working closely with a team of researchers and red teamers as a mutually trusted authority on security research.

The majority of our vulnerability research is internally sponsored. As an expert in your field, you will help shape the direction of your research, based on industry trends and Nettitude objectives.

Our vulnerability research is primarily designed to 1) showcase our technical capabilities 2) support our offensive security teams with delivering assurance services such as red teaming.

We operate a coordinated disclosure policy to ensure there is a responsible and balanced approach towards ensuring user safety. There may be occasions where vulnerability research is sponsored by a trusted third party or held internally for a longer period of time. In all cases, we ensure ethical conduct is our top priority.

You’ll be working closely with our red team to help ensure that we’re always able to mimic real threat actors by adopting various tactics, techniques and procedures, typically at a sophisticated level. Your research and development will support our ability to continue providing top tier red team services to global organizations, as well as provide value to those in defensive security positions in the wider world.

Essential skills

As a senior vulnerability researcher, you’ll have the ability to conduct high quality vulnerability research and exploit development.

Essential skills and experience include:

A demonstrable history of identifying and exploiting vulnerabilities in Microsoft Windows applications and/or device drivers.
Expertise in exploit mitigation techniques on the latest Windows Operating Systems.
A deep knowledge of Windows internals.
The ability to reverse engineer x86/x64 executables and CLR assemblies.
The ability to utilize debuggers and other dynamic analysis tooling for vulnerability research.
Low level programming skills, e.g. one or more of C++, C, Assembly, etc.
Higher level programming skills, e.g. one or more of C#, VBA, Java, CPython, Python, etc.
The ability to conduct research in an effective and accountable manner.
The desire to be part of a diverse and inclusive team of experts who value and promote one another.

Certificates will be considered as a bonus, but they’re not essential. You’ll be able to demonstrate practical technical skill and experience, with or without a certificate.

Desirable skills

The following skills and experience are various levels of nice-to-have:

Reverse Engineering capability with architectures beyond x86/x64, e.g. ARM.
A demonstrable history of identifying and exploiting vulnerabilities in software commonly found in large organizations.
Familiarity with techniques for evading Anti-Virus and Endpoint Detection & Response (EDR) software.
An understanding of mobile device security across various operating systems and hardware.
Red Team tradecraft and tooling.
Applying software engineering techniques for writing safe, effective and maintainable code.
Agile development environments and use of CI/CD pipelines.
Conference speaking, blog creation and whitepaper creation.

Anything else that could reasonably be highlighted as useful for this role would be carefully considered. If you feel you have skills that supplement this list, you’re encouraged to highlight them to us.

What we offer

There are lots of good reasons to come and work for our research team here at Nettitude.

We focus on our people and on opportunities. It’s important to us that our people genuinely feel part of something important and that they have continuous opportunity to learn and develop. We always have bold plans that are expertly met, which simply wouldn’t be possible without our great team.

Specifically, every person who works with us can expect:

To be a valued member of an inclusive, supportive and high performing team.
To be part of an exciting environment that presents continuous intellectual challenges.
The opportunity to attend conferences and training in an array of both technical and non-technical areas.
The opportunity to mentor and to be mentored. Personal and technical growth is really important to us.
Access to a wide array of tooling; both private and public; both free and commercial.
Competitive and regularly reviewed remuneration.
Career development opportunities in a multitude of directions and with our utmost support.

If you believe there’s a mutual fit then we’d love to hear from you.

About Nettitude

Nettitude is an LRQA company. We’ve been around since 2003 and our focus has always been on excellence in cyber security. We have teams that offer world class services in red teaming, penetration testing, threat intelligence, research and development, detection and response, governance, risk, and compliance, and plenty more. Our business is global and so are our clients. We work closely with central banks, central and local government, critical national infrastructure, large retailers, and plenty more besides!

We’re an award winning provider of cyber security services and we’re are at a very exciting stage of development. We strive to make the world a safer place and to continue to do that, we need people like you. You can find out more about us at www.nettitude.com. If you want to review our research and tooling, then head on over to https://labs.nettitude.com.