Security Research Engineer

About The Position

Requirements

• 3+ years of experience in vulnerability research or a closely related area such as exploit or mitigation development on Linux Systems
• 3+ years’ experience with C/C++, and a scripting language (e.g., Python), and assembly (e.g., x86/x64, ARM, etc.)

Nice To Haves

• Bachelor’s degree or equivalent in Computer Science, Electrical Engineering, Cyber Security, or other tech-related degree
• Experience with Linux internals
• Experience with binary auditing and reverse engineering, and with related tools such as IDA Pro, Binary Ninja, Ghidra, etc. and with plugin development.
• Experience with common vulnerabilities and methods of exploitation, such as memory corruption, web application exploitation, file format vulnerabilities, protocol-based weaknesses, etc.
• Knowledge of common file formats, network protocol structures, and enterprise networking architecture
• Ability to work independently with minimum supervision and to tackle additional tasks as the need arises.

Responsibilities

• Security research including development of tools for vulnerability analysis and mitigation.
• Development of static and run-time analysis tools to figure out root cause and input conditions related to a vulnerability.
• Vulnerability triage and proof of concept exploit development to support the creation of detection content.
• Write detailed technical reports, summaries, and testing methodologies
• Research emerging technologies, protocols, and testing methodologies
• Develop proof of concept exploits for testing vulnerability mitigations
• Perform patch analysis to find and trigger vulnerabilities.
• Reverse engineer binary applications, protocols, and formats.
• Analyze vulnerabilities and emerging security threats and technologies.
• Provide critical security focused expertise to engineering organizations

Benefits

• medical, dental and vision insurance
• a 401(k) plan with a Cisco matching contribution
• paid parental leave
• short and long-term disability coverage
• basic life insurance
• grants of Cisco restricted stock units
• 10 paid holidays per full calendar year
• 1 floating holiday for non-exempt employees
• 1 paid day off for employee’s birthday
• paid year-end holiday shutdown
• 4 paid days off for personal wellness
• 16 days of paid vacation time per full calendar year (non-exempt)
• flexible vacation time off program (exempt)
• 80 hours of sick time off provided on hire date and each January 1st thereafter
• up to 80 hours of unused sick time carried forward
• Additional paid time away may be requested to deal with critical or emergency issues for family members
• Optional 10 paid days per full calendar year to volunteer
• annual bonuses (non-sales roles)
• performance-based incentive pay (sales roles)