Description du poste
We are seeking highly skilled and motivated Security Research Experts to join a project focused on analyzing crashing inputs in open-source software. The successful candidates will be responsible for triaging crashes, identifying security vulnerabilities, assessing their real-world impact, and developing proof-of-concept (PoC) exploits. This role requires a deep understanding of vulnerability research, reverse engineering, and exploit development.
Responsibilities:
- Triage and validate crash reports to determine their security relevance.
- Perform in-depth root cause analysis of complex software vulnerabilities.
- Assess the exploitability of vulnerabilities and determine their potential impact.
- Develop reliable PoC exploits for confirmed security vulnerabilities.
- Clearly and concisely document all findings, including root cause, reproduction steps, and security impact.
Main Requirements:
- Proven experience in vulnerability research, reverse engineering, and exploit development.
- Strong understanding of common vulnerability classes, especially memory corruption bugs (e.g., buffer overflows, use-after-free, type confusion).
- Proficiency with debugging and analysis tools such as GDB, WinDbg, IDA Pro, or Ghidra.
- Hands-on experience with dynamic analysis tools and sanitizers (e.g., ASan, UBSan, Valgrind).
- Familiarity with modern exploit mitigation techniques (e.g., ASLR, DEP/NX, Stack Canaries, CFI).
- Solid understanding of operating system internals, memory management, and computer architecture.
- Excellent written and verbal communication skills, with the ability to produce clear and comprehensive technical documentation.
Logistics:
- Pay range: $55 - $75/hr depending on experience
- Expected weekly hours: 10-40
- Location requirements: remote, global (U.S. preferred).
Emplois favoris
Vous devez être connecté pour pouvoir ajouter un emploi aux favoris
Connexion ou Créez un compte