Job Description

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Responsibilities:

  • Research, analyze, and assess attack surface and vulnerability data
  • Develop tailored and actionable mitigation strategies and plans to address vulnerability risk
  • Work with new and emerging vulnerability data to identify potential attack paths in critical systems.
  • Document, develop and present mitigation strategies in web applications, databases, standalone applications, etc.
  • Analyze the root cause of vulnerabilities and support the prioritization of mitigations based on risk and return on mitigation
  • Provide mitigation strategies that prioritize risk against level of effort for multiple systems or organizations
  • Catalog mitigation advice, challenges, and trends and patterns
  • Patch diffing and reverse engineering with tools such as Ghidra, IDA, etc.
  • Provide subject matter expertise on tailored mitigations to resolve and remediate vulnerabilities on targeted technologies
  • Work in fast-paced startup like environment with shifting priorities to handle and maintain balance with multiple stakeholders.
  • Conduct research to assess and create software patches and configuration changes to be applied to varied software, middleware and hardware
  • Provide assessment including security, system, and business impact of vulnerabilities
  • Must be able to think ahead to avoid business outages based on the lab results
  • Analyze vulnerability data and support management of identified vulnerabilities, including tracking, remediation, and reporting

    • Desired Skills:

  • Excellent understanding of network, system and application security
  • Experience with IDA Pro, Ghidra, or similar binary analysis tool
  • Knowledge of various vulnerability scanning solutions is a plus
  • Excellent written and verbal communication
  • Graduate with preferable 4 years degree or at least 3-year degree with computer science and information technology background
  • Secure architecture designs and use of detection/protection mechanisms (e.g., firewalls, IDS/IPS, full-packet capture technologies) to mitigate risk
  • A solid understanding of industry best practices for Patch Management
  • Specific demonstrated experience mapping business processes and comparing those processes to industry best practices
  • Background around using or understanding of security tools would be plus
  • Solid understanding of the security implications of a patch on web applications, Windows, Linux, Mac OS operating systems
  • Thorough testing of patches in a non-production environment
  • Have working knowledge of basic operation systems commands and tooling - Windows, Linux, Mac OS
  • Should have very good communication and articulation skills
  • Ability and ready to learn new technology and should be a good team player

    • What you get to do:

    Work within Threat Research, detection and response teams and analysts to define the priority, design the solution, and contribute to build framework for patching vulnerabilities

    Apply for this Position

    Ready to join ? Click the button below to submit your application.

    Submit Application