Senior Vulnerability Researcher

Budapest, Hungary

Apply See all jobs

The Senior Vulnerability Researcher in the Vulnerability Research Lab is responsible for leading vulnerability research and supporting the related product feature development. The Researcher supports other departments with finding solutions to problems where deep level understanding of network protocols and debugging is needed.

Main responsibilities

  • Create CUJO AI responsible disclosure program
  • Find 0-day vulnerabilities in IoT devices
    • Implement exploit code for known and unknown vulnerabilities
    • Report vulnerabilities to the vendors
    • Write blog posts about the findings
    • Present findings at conferences
  • Help other departments where deep level understanding of network protocols and debugging is needed
    • Understand the problem related to network protocols
    • Debug the issue
    • Help finding the solutions for these problems, co-operate with other departments
    • Provide guidance in implementing the solutions
  • Create custom scripts for Active Scanning
  • Support Vulnerability Research Projects

Technical competencies

  • In-depth experience with security threats, vulnerability research along with practicing security development lifecycle practices
  • Knowledge of adversarial tools, techniques, and procedures within the context of the ATT&CK framework or equivalent
  • Solid reverse engineering skills
  • Solid penetration testing skills
  • Solid memory corruption/binary exploitation skills
  • Exploitation and mitigation technique developments
  • Understanding of vulnerabilities, exploits, and the latest attack vectors
  • Expert in programming skills in Python or a similar language. Familiarity with development tools such as Git and Jira
  • Security-relevant context with standard protocols: TCP/IP, HTTP, DNS
  • Deep level hands-on experience with system investigation and penetration tester tools like WireShark, TCPDump, Nmap, Metasploit, Nessus/OpenVAS, etc.
  • Ability and desire to work across Technology, R&D, Product and Marketing teams. This is not meant to be a siloed research-only position
  • Knowledge of computer architecture CPU, SoC, chipsets, BIOS, Firmware, Drivers, and others
  • An understanding on the current and developing IoT landscape (technologies/services) and the cyber threats that are used to compromise these technologies and services
  • Ability to research, author, and present technical security concepts
  • Proficiency in C and one or more scripting languages
  • Experience in developing research infrastructure and tools in Python

Behavioral competencies

  • Possess the ability to understand new concepts quickly, and apply them accurately through an evolving, dynamic environment
  • Demonstrable passion for cyber security including continual learning about new security controls, adversary tools, and offensive techniques
  • Ability to work autonomously in a less structured startup type environment
  • Ability to efficiently collaborate with cross-functional teams
  • Strong team player with a can-do attitude and a drive to take ownership and initiative

Benefits and Perks

  • Ability to work flexible hours
  • Offices across the world
  • Opportunity to learn from highly skilled colleagues
  • Ambitious projects and meaningful cause
  • Modern development equipment
  • Conferences, training, books – anything for your development

Open positions

Choose a team:

All

Services

R&D

Analytics and Research

Operations