---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Researcher
Type: Permanent F/T
Closing Date: 09/20/2004
NOTE: Requires experience in reverse engineering – take executables -
Malware – and break into source codes. Therefore, strong experience with
debuggers and Assembly code is REQUIRED.
Location: San Francisco
Summary:
The Security Services team requires a Security Researcher to manage the
investigation of and response to reported security vulnerabilities in
company’s products as well as vulnerabilities in other products and
operating systems which company’s products may or should be able to
mitigate.
Essential Duties and Responsibilities:
• Receive reports of potential or known vulnerabilities in Company’s
products or other vendor's products from public and non-public sources.
• Develop tools and process to manage collection of vulnerability and
exploit reports from various sources.
• Perform testing of vulnerabilities and exploits against Company’s
products and services as well as operating systems and applications of other
vendor's which Company products should protect.
• Document exposures in Company or 3rd party applications and
configurations and factors which may mitigate the exposure.
• Create internal documentation about vulnerabilities, exploits, and
countermeasures and liaise with those responsible for producing externally
facing documentation.
• Interact with QA, product management, and engineering to appropriately
explain Company product vulnerabilities and assist in developing corrections to
deficiencies.
• Develop policies which protect against vulnerabilities and exploits.
Supervisory Responsibilities:
• No direct supervision responsibilities.
• Indirect management of internal or external vendors.
Qualifications:
• Excellent written and verbal communication skills
• Ability to manage several projects concurrently.
• Experience working with a security product or services company.
• Strong customer service focus mindset
• Ability to work within a cross-functional team.
• Ability to work under pressure with a sense of urgency.
JOB REQUIREMENTS
---------------------------------------------------
Education and/or Experience:
• Technical knowledge through education or experience:
• Security concepts especially related to development of policies,
signatures, rules, etc.
• Strong Windows operating systems knowledge and concepts
• Unix knowledge desirable
• Strong IP networking knowledge
• Ability to develop Windows applications including low level operating
system interaction, networking, and strong knowledge of the Windows API.
• Assembly language programming skills strongly desirable
Mathematical Skills:
• College level math skills
Reasoning Ability:
• Ability to analyze security vulnerabilities and determine the root cause
and the scope of the exposure.
Certificates, Licenses, Registrations:
• Windows and security-related certifications are desirable.
Physical Demands:
• Ability to work at a computer for extended periods of time.
Work Environment:
• Ability to travel occasionally ( 10%)
• Ability and willingness to be on call 24x7 for emergency response to
security events (expected to happen once a month on average).
CONTACT
---------------------------------------------------
Contact: Ludy Zoeller
DFM Inc. (Recruiting Group)
Tel: 408/205-3511
Send resumes via email: l.zoeller@comcast.net
Ludy Zoeller
Managing Partner
DFM Associates (Recruiting Group)
Mt. View, California, US
l.zoeller@comcast.net
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers a way to search and manage
job opportunities and resumes which is closely tied
to this mailing list.
http://www.securityfocus.com/jobs
