Title : Senior Vulnerability Researcher Location : Solihull (2-3 days onsite, 2-3 days from home) Salary : Up to 80,000 depending on experience Clearance : There is a requirement to obtain SC clearance (possibly DV) as part of this role after employment, so please only apply if you are eligible and happy to go through the process. Our client, a cutting edge technology company involved in National Critical Infrastructure projects, is seeking a Senior Vulnerability Researcher to join their team. As a Senior Vulnerability Researcher, you will have a unique opportunity to work on and support cutting-edge cyber security and networking technologies on a national and international scale. You will be involved in research and development to secure telecommunications networks, making the UK the safest place to live and do business online. Working as part of a small team of Vulnerability Researchers, you will be responsible for tackling challenging cyber problems with a meaningful impact on national security. You will play a key role in establishing an industry-leading security facility. This role requires a strong focus on continuous learning and development, both for yourself and the team. You will have the opportunity to build a wider network of VR specialists across the telecoms industry, promoting knowledge sharing and skills development. You will need to have: Experience in multiple VR roles and/or organisations. A deep understanding of hardware and software development lifecycles and their impact on security practices. Applied knowledge of cryptographic algorithms. Knowledge of data structures, distributed systems, and virtualisation technologies. Reverse engineering experience and proficiency with debuggers. If you are an experienced and advanced Security Tester/Researcher, wanting to continue your development in an environment that can offer you the surroundings to grow and thrive, please apply for more information.
Apr 26, 2024
Full time
Title : Senior Vulnerability Researcher Location : Solihull (2-3 days onsite, 2-3 days from home) Salary : Up to 80,000 depending on experience Clearance : There is a requirement to obtain SC clearance (possibly DV) as part of this role after employment, so please only apply if you are eligible and happy to go through the process. Our client, a cutting edge technology company involved in National Critical Infrastructure projects, is seeking a Senior Vulnerability Researcher to join their team. As a Senior Vulnerability Researcher, you will have a unique opportunity to work on and support cutting-edge cyber security and networking technologies on a national and international scale. You will be involved in research and development to secure telecommunications networks, making the UK the safest place to live and do business online. Working as part of a small team of Vulnerability Researchers, you will be responsible for tackling challenging cyber problems with a meaningful impact on national security. You will play a key role in establishing an industry-leading security facility. This role requires a strong focus on continuous learning and development, both for yourself and the team. You will have the opportunity to build a wider network of VR specialists across the telecoms industry, promoting knowledge sharing and skills development. You will need to have: Experience in multiple VR roles and/or organisations. A deep understanding of hardware and software development lifecycles and their impact on security practices. Applied knowledge of cryptographic algorithms. Knowledge of data structures, distributed systems, and virtualisation technologies. Reverse engineering experience and proficiency with debuggers. If you are an experienced and advanced Security Tester/Researcher, wanting to continue your development in an environment that can offer you the surroundings to grow and thrive, please apply for more information.
Must have active enhanced DV (West) Clearance Up to £85k DoE plus 15% clearance bonus Full time on site in Cheltenham Skills required in problem solving, IDA Pro, Wireshark, Kali, C/C++, Cryptography Who are we? We are seeking a dynamic and resourceful individual to join our team as a Security Researcher. The ideal candidate will possess a unique blend of pragmatism, logical reasoning, creativity, and motivation to tackle complex problems in the field of cybersecurity. This role involves drawing on extensive experience, generalising prior knowledge, and applying reasoning to methodically work through challenging issues, often utilising new or unconventional techniques. Key Skills and Requirements Broad and diverse background in computing, covering multiple technologies and areas. Experience in areas outside the computing field is also valued for unique problem-solving approaches. Proficiency in low-level languages such as C or C++, with experience in assembly-level code being highly advantageous. Understanding of binary notation, common memory structures, and the role of the stack in program execution and branching. Development work involved in most projects; knowledge of high-level languages like Python or Java is required. IDA Pro/HexRays, Ghidra, WinDbg, GDB, BinaryNinja, OllyDbg, or Immunity. Wireshark, TCPDump, Scapy, BurpSuite. Kali, BlackArch, PwnTools. Demonstrate understanding of simple attacks such as buffer overflow and string format vulnerabilities. Explain mitigations and defences against these techniques. Desirable experience in web application security testing, iOS or Android system internals, and a solid grasp of cryptography. Enthusiastic about technology and actively pursues the field outside standard working hours. TO BE CONSIDERED . Please either apply by clicking online or emailing me directly at . For further information please call me on or - I can make myself available outside of normal working hours to suit from 7 am until 10 pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you give express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search for Henry Clay-Davies. I look forward to hearing from you. KEY SKILLS: Security Researcher / Cybersecurity / C / C++ / Python / Java / Cheltenham / Security Cleared / DV / DV Cleared / Enhanced Clearance JBRP1_UKTJ
Apr 22, 2024
Full time
Must have active enhanced DV (West) Clearance Up to £85k DoE plus 15% clearance bonus Full time on site in Cheltenham Skills required in problem solving, IDA Pro, Wireshark, Kali, C/C++, Cryptography Who are we? We are seeking a dynamic and resourceful individual to join our team as a Security Researcher. The ideal candidate will possess a unique blend of pragmatism, logical reasoning, creativity, and motivation to tackle complex problems in the field of cybersecurity. This role involves drawing on extensive experience, generalising prior knowledge, and applying reasoning to methodically work through challenging issues, often utilising new or unconventional techniques. Key Skills and Requirements Broad and diverse background in computing, covering multiple technologies and areas. Experience in areas outside the computing field is also valued for unique problem-solving approaches. Proficiency in low-level languages such as C or C++, with experience in assembly-level code being highly advantageous. Understanding of binary notation, common memory structures, and the role of the stack in program execution and branching. Development work involved in most projects; knowledge of high-level languages like Python or Java is required. IDA Pro/HexRays, Ghidra, WinDbg, GDB, BinaryNinja, OllyDbg, or Immunity. Wireshark, TCPDump, Scapy, BurpSuite. Kali, BlackArch, PwnTools. Demonstrate understanding of simple attacks such as buffer overflow and string format vulnerabilities. Explain mitigations and defences against these techniques. Desirable experience in web application security testing, iOS or Android system internals, and a solid grasp of cryptography. Enthusiastic about technology and actively pursues the field outside standard working hours. TO BE CONSIDERED . Please either apply by clicking online or emailing me directly at . For further information please call me on or - I can make myself available outside of normal working hours to suit from 7 am until 10 pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you give express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search for Henry Clay-Davies. I look forward to hearing from you. KEY SKILLS: Security Researcher / Cybersecurity / C / C++ / Python / Java / Cheltenham / Security Cleared / DV / DV Cleared / Enhanced Clearance JBRP1_UKTJ
Our world class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space! We have a community of technical specialists with a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available. Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges. What you will be doing for us: Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms. Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed. Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems. Developing junior members of staff with a keen interest in RE and VR to realise their potential. Ideal candidate background: An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges). Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between. Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts. Proficient in at least one programming language (e.g. Python, Java, C#, C++) How you will be supported: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before You can work around core hours with flexible and part-time working Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
Sep 24, 2022
Full time
Our world class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space! We have a community of technical specialists with a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available. Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges. What you will be doing for us: Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms. Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed. Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems. Developing junior members of staff with a keen interest in RE and VR to realise their potential. Ideal candidate background: An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges). Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between. Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts. Proficient in at least one programming language (e.g. Python, Java, C#, C++) How you will be supported: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before You can work around core hours with flexible and part-time working Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
About the role A White Hat hacker tests systems and networks by trying to break into them. They are hackers, but their talents are being used to improve Cyber Security. Being hackers, they are familiar with the tactics that malicious hackers use to compromise systems; White Hat hackers try to find the vulnerabilities before the bad guys do. Will act as Ethical white hat attacker (red teamer) to simulate cyber-attacks, and/or Defensive cybersecurity personnel (blue teamer) to harden against simulated attacks. Develops and prepares penetration testing Rules of Engagement, test plans, and reports. Provides recommended remediation actions to lower overall risk exposure, as required. Provides technical expertise on penetration testing tools and simulation environment. Knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling, understanding application architecture, design, and functionalities with an interest in performing penetration testing of diverse and challenging IT systems and applications. Key responsibilities Researching the intended application or system target via both open-source and dark-web channels Scanning target networks and systems with commercial, open-source, or custom vulnerability scanners Identify potential vulnerabilities that can be exploited Based on the vulnerabilities designing a plan of attack that can includes: Exploiting software vulnerabilities, systemic vulnerabilities, Input / output manipulation, or any combination of those factors Testing business logic vulnerabilities Bypassing existing security controls such as one-time passwords, tokens etc. Able to develop scripts (e.g Python, Shell, PowerShell, Ruby, Perl etc) to be used a payload and exploiting vulnerabilities Drive remediation by outlining a defence-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and counter measures. Technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience. What you'll bring Deep knowledge of network protocols (IPV6, DNS, HTTP, etc) and accompanying tools (Wireshark, TCPDump, etc) Understanding of network administration of Routers and Switching technology (CCNA a plus) Understanding of and the ability to perform penetration testing Understanding of penetration testing tools and techniques (Kali, Backtrack, Metasploit) Understanding of how malicious software works (malware, trojans, rootkits, etc) Certifications Canididates should possess any one of the following industry certifications CISSP - ISC2 Offensive Security Certified Professional Certified Ethical Hacker Certified Pentester Web Application Penetration Tester (GWAPT) Exploit Researcher and Advanced Penetration Tester (GXPN) What we'll offer you We strongly believe that everybody's career path is different. We will proactively support your professional development and accelerated career progression - including opportunities to grow your capability and deliver. We work in an environment that encourages entrepreneurial spirit, and although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you. Why we're different At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-ground-breaking technical solutions to complex problems are the norm. But so, too, is a culture that's as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too. Capgemini is proud to represent nearly 130 nationalities and the cultural diversity that brings. Our holistic definition of diversity extends beyond gender, gender identity, sexual orientation, disability, ethnicity, race, age and religion. Capgemini views diversity as everything that makes us who we are as an organization, including our social background, our experiences in life and work, our communication styles and even our personality. These dimensions contribute to the type of diversity we value the most: diversity of thought. About us A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients' opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2018 global revenues of EUR 13.2 billion. People matter, results count.
Sep 23, 2022
Full time
About the role A White Hat hacker tests systems and networks by trying to break into them. They are hackers, but their talents are being used to improve Cyber Security. Being hackers, they are familiar with the tactics that malicious hackers use to compromise systems; White Hat hackers try to find the vulnerabilities before the bad guys do. Will act as Ethical white hat attacker (red teamer) to simulate cyber-attacks, and/or Defensive cybersecurity personnel (blue teamer) to harden against simulated attacks. Develops and prepares penetration testing Rules of Engagement, test plans, and reports. Provides recommended remediation actions to lower overall risk exposure, as required. Provides technical expertise on penetration testing tools and simulation environment. Knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling, understanding application architecture, design, and functionalities with an interest in performing penetration testing of diverse and challenging IT systems and applications. Key responsibilities Researching the intended application or system target via both open-source and dark-web channels Scanning target networks and systems with commercial, open-source, or custom vulnerability scanners Identify potential vulnerabilities that can be exploited Based on the vulnerabilities designing a plan of attack that can includes: Exploiting software vulnerabilities, systemic vulnerabilities, Input / output manipulation, or any combination of those factors Testing business logic vulnerabilities Bypassing existing security controls such as one-time passwords, tokens etc. Able to develop scripts (e.g Python, Shell, PowerShell, Ruby, Perl etc) to be used a payload and exploiting vulnerabilities Drive remediation by outlining a defence-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and counter measures. Technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience. What you'll bring Deep knowledge of network protocols (IPV6, DNS, HTTP, etc) and accompanying tools (Wireshark, TCPDump, etc) Understanding of network administration of Routers and Switching technology (CCNA a plus) Understanding of and the ability to perform penetration testing Understanding of penetration testing tools and techniques (Kali, Backtrack, Metasploit) Understanding of how malicious software works (malware, trojans, rootkits, etc) Certifications Canididates should possess any one of the following industry certifications CISSP - ISC2 Offensive Security Certified Professional Certified Ethical Hacker Certified Pentester Web Application Penetration Tester (GWAPT) Exploit Researcher and Advanced Penetration Tester (GXPN) What we'll offer you We strongly believe that everybody's career path is different. We will proactively support your professional development and accelerated career progression - including opportunities to grow your capability and deliver. We work in an environment that encourages entrepreneurial spirit, and although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you. Why we're different At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-ground-breaking technical solutions to complex problems are the norm. But so, too, is a culture that's as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too. Capgemini is proud to represent nearly 130 nationalities and the cultural diversity that brings. Our holistic definition of diversity extends beyond gender, gender identity, sexual orientation, disability, ethnicity, race, age and religion. Capgemini views diversity as everything that makes us who we are as an organization, including our social background, our experiences in life and work, our communication styles and even our personality. These dimensions contribute to the type of diversity we value the most: diversity of thought. About us A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients' opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2018 global revenues of EUR 13.2 billion. People matter, results count.
Job Summary An operational cyber researcher is able to plan and perform research into a wide range of systems and technologies with a focus on discovering and exploiting weaknesses in their design or implementation. The role provides technical guidance for customers as well as supporting bids and proposals. An operational cyber researcher has broad skills which generally involve, but are not limited to, the following activities: Exploratory Research. Vulnerability & Technical Research. Experimental Development. Key Responsibilities Researchers undertaking exploratory research are expected to: Rapidly summarise and assess new domains. Provide domain knowledge for technical analysis, experimental development and subsequent engineering. Researchers undertaking vulnerability & technical research are expected to: Know which pen-testing and reverse engineering tools and methodologies are appropriate to a given problem. Have experience of advanced vulnerability assessment techniques such as fuzzing and code injection. Researchers undertaking experimental development are expected to: Develop, assess and prioritize prototype and simulated capabilities. Mandatory Skills and Experience Required A wide range of skills are required for Operational Research. The number one skill is being able to think systematically and take logical steps towards deconstructing a complex system. For lower-level work, an intermediate/advanced understanding of how computers work is important (eg knowing the difference between the heap and the stack, and between compiled and interpreted languages). More required skills for this role include: Skills General: Technical writing Presentation skills Innovative problem solving Team working Technical Analysis: Scripting (e.g. with Python) Rapid development of prototypes or simulations (e.g. with C#) Other Desirable Skills and Experience As well as the above, an Operational Cyber Researcher will need skills and experience in at least one of the areas below. An ideal candidate will cover several areas. Skills Technical Analysis: Network traffic analysis Reverse engineering Vulnerability analysis Exploit development Exploratory Research: OSINT and interacting with SMEs Developing new research skills as appropriate General: Technical Leadership Team management Knowledge Exploratory Research: Network architecture and security Risk assessment Systems engineering Architectural frameworks Technical Analysis: Processor architecture Operating systems and firmware Standard and domain-specific protocols and data formats Experimental Development: Software development life cycle Assured development practices (at a high-level) Technology A wide range of tools exist, and the researcher should be able to determine which are most appropriate for a given task. Types of tools used include: Scripting languages (e.g. Python); Traffic capture and analysis tools (e.g. Wireshark); Disassemblers (e.g. IDA Pro); Debuggers (e.g. gdb); Decompilers (e.g. Hex-Rays Decompiler); Virtualization environments; Integrated development environments; Domain-specific simulation and development tools. Security Clearance is required for this vacancy. If you are not currently Security Cleared, you will need to be eligible for this and willing to go through the process. For more guidance on National Security Vetting please click here. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Government At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating. As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
Sep 22, 2022
Full time
Job Summary An operational cyber researcher is able to plan and perform research into a wide range of systems and technologies with a focus on discovering and exploiting weaknesses in their design or implementation. The role provides technical guidance for customers as well as supporting bids and proposals. An operational cyber researcher has broad skills which generally involve, but are not limited to, the following activities: Exploratory Research. Vulnerability & Technical Research. Experimental Development. Key Responsibilities Researchers undertaking exploratory research are expected to: Rapidly summarise and assess new domains. Provide domain knowledge for technical analysis, experimental development and subsequent engineering. Researchers undertaking vulnerability & technical research are expected to: Know which pen-testing and reverse engineering tools and methodologies are appropriate to a given problem. Have experience of advanced vulnerability assessment techniques such as fuzzing and code injection. Researchers undertaking experimental development are expected to: Develop, assess and prioritize prototype and simulated capabilities. Mandatory Skills and Experience Required A wide range of skills are required for Operational Research. The number one skill is being able to think systematically and take logical steps towards deconstructing a complex system. For lower-level work, an intermediate/advanced understanding of how computers work is important (eg knowing the difference between the heap and the stack, and between compiled and interpreted languages). More required skills for this role include: Skills General: Technical writing Presentation skills Innovative problem solving Team working Technical Analysis: Scripting (e.g. with Python) Rapid development of prototypes or simulations (e.g. with C#) Other Desirable Skills and Experience As well as the above, an Operational Cyber Researcher will need skills and experience in at least one of the areas below. An ideal candidate will cover several areas. Skills Technical Analysis: Network traffic analysis Reverse engineering Vulnerability analysis Exploit development Exploratory Research: OSINT and interacting with SMEs Developing new research skills as appropriate General: Technical Leadership Team management Knowledge Exploratory Research: Network architecture and security Risk assessment Systems engineering Architectural frameworks Technical Analysis: Processor architecture Operating systems and firmware Standard and domain-specific protocols and data formats Experimental Development: Software development life cycle Assured development practices (at a high-level) Technology A wide range of tools exist, and the researcher should be able to determine which are most appropriate for a given task. Types of tools used include: Scripting languages (e.g. Python); Traffic capture and analysis tools (e.g. Wireshark); Disassemblers (e.g. IDA Pro); Debuggers (e.g. gdb); Decompilers (e.g. Hex-Rays Decompiler); Virtualization environments; Integrated development environments; Domain-specific simulation and development tools. Security Clearance is required for this vacancy. If you are not currently Security Cleared, you will need to be eligible for this and willing to go through the process. For more guidance on National Security Vetting please click here. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Government At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating. As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight. Please read the following job description thoroughly to ensure you are the right fit for this role before applying. About the Role This is an Engineering Manager role in the Spotlight Content global team responsible for developing and delivering the Spotlight vulnerability assessment detections for CrowdStrike. This person would work closely with other internal teams and product management to understand the requirements and needs on Vulnerability Detection capabilities for the product. They will be technically responsible for the capabilities for Spotlight to detect, track, report and prioritize vulnerabilities on assets. This person would also own the team culture and will be responsible for building a strong team of contributors who work well together and raise the bar for a good working environment. This includes working across the organization and time zones for collaboration. Strong communication and organizational skills are essential. The successful candidate should have had experience building and leading a team focused on building detection pipelines for vulnerabilities and other threats. Work experience in the security industry is highly desirable, including a strong understanding of some of the current prevalent products in this space. Responsibilities Manage the Global Spotlight Security Analysts team and coordinate with other teams to assess detection capabilities- including content validation. Lead a team of Security Analysts to Actively investigate the latest in security vulnerabilities, advisories, incidents, and provide insights (sources like, Microsoft, Oracle, etc) Vulnerability data discovery and validation (Data efficacy & Accuracy) Collaborate with multi-functional teams across various physical locations including product management and other engineering disciplines. Lead and manage other projects as assigned Manage a Team of Analyst and Researchers to plan, coordinate and execute Vulnerability Detection Coverage for Spotlight Supported Platforms Participate in Company Thought Leadership efforts and guidance for analysis on prevalent vulnerabilities and Risk Based Vulnerability Management. What you will need Minimum five years of overall experience as an Individual Contributor and at least two years in management of technology products. Ability and desire to being hands on as well as leading the team and collaborating cross functionally Ability to develop, coordinate and execute on an engineering roadmap Ability to communicate and articulate crisply at all levels from executive staff to engineers Ability to communicate, collaborate, and work effectively in a distributed team Familiarity and experience with the Agile process Experience in Cybersecurity Industry Desirable Skills: Understanding of Vulnerabilities, mitigations and remediations Understanding of Vulnerability and Software Detection techniques Experience with Security/Vulnerability detections development and release Experience of Vulnerability Management product development Experience designing and implementing validation workflows for Security Based products Experience working in remote & distributed environments Solid design and problem-solving skills with a demonstrated passion for engineering excellence, pragmatism, quality, security, and performance Experience with Go and/or Python would be a plus Benefits of Working at CrowdStrike: Remote-first culture Market leader in compensation and equity awards Competitive vacation and flexible working arrangements Comprehensive and inclusive health benefits Physical and mental wellness programs Paid parental leave, including adoption A variety of professional development and mentorship opportunities Offices with stocked kitchens when you need to fuel innovation and collaboration We are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve. CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. Remote working/work at home options are available for this role.
Sep 21, 2022
Full time
and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight. Please read the following job description thoroughly to ensure you are the right fit for this role before applying. About the Role This is an Engineering Manager role in the Spotlight Content global team responsible for developing and delivering the Spotlight vulnerability assessment detections for CrowdStrike. This person would work closely with other internal teams and product management to understand the requirements and needs on Vulnerability Detection capabilities for the product. They will be technically responsible for the capabilities for Spotlight to detect, track, report and prioritize vulnerabilities on assets. This person would also own the team culture and will be responsible for building a strong team of contributors who work well together and raise the bar for a good working environment. This includes working across the organization and time zones for collaboration. Strong communication and organizational skills are essential. The successful candidate should have had experience building and leading a team focused on building detection pipelines for vulnerabilities and other threats. Work experience in the security industry is highly desirable, including a strong understanding of some of the current prevalent products in this space. Responsibilities Manage the Global Spotlight Security Analysts team and coordinate with other teams to assess detection capabilities- including content validation. Lead a team of Security Analysts to Actively investigate the latest in security vulnerabilities, advisories, incidents, and provide insights (sources like, Microsoft, Oracle, etc) Vulnerability data discovery and validation (Data efficacy & Accuracy) Collaborate with multi-functional teams across various physical locations including product management and other engineering disciplines. Lead and manage other projects as assigned Manage a Team of Analyst and Researchers to plan, coordinate and execute Vulnerability Detection Coverage for Spotlight Supported Platforms Participate in Company Thought Leadership efforts and guidance for analysis on prevalent vulnerabilities and Risk Based Vulnerability Management. What you will need Minimum five years of overall experience as an Individual Contributor and at least two years in management of technology products. Ability and desire to being hands on as well as leading the team and collaborating cross functionally Ability to develop, coordinate and execute on an engineering roadmap Ability to communicate and articulate crisply at all levels from executive staff to engineers Ability to communicate, collaborate, and work effectively in a distributed team Familiarity and experience with the Agile process Experience in Cybersecurity Industry Desirable Skills: Understanding of Vulnerabilities, mitigations and remediations Understanding of Vulnerability and Software Detection techniques Experience with Security/Vulnerability detections development and release Experience of Vulnerability Management product development Experience designing and implementing validation workflows for Security Based products Experience working in remote & distributed environments Solid design and problem-solving skills with a demonstrated passion for engineering excellence, pragmatism, quality, security, and performance Experience with Go and/or Python would be a plus Benefits of Working at CrowdStrike: Remote-first culture Market leader in compensation and equity awards Competitive vacation and flexible working arrangements Comprehensive and inclusive health benefits Physical and mental wellness programs Paid parental leave, including adoption A variety of professional development and mentorship opportunities Offices with stocked kitchens when you need to fuel innovation and collaboration We are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve. CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. Remote working/work at home options are available for this role.
and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight. Want to make an application Make sure your CV is up to date, then read the following job specs carefully before applying. About the Role: In this role, you'll be joining the Data Security team, which includes Data Protection and Insider Risk: products that protect data in customer environments. We are looking for a QA Analyst to join our team and help ensure our product UIs work well and address users' needs. You'll be joining a cross-functional, global UX team composed of software engineers, designers, researchers, and writers collaborating closely to deliver the best possible experience for our customers. What you'll do: Write and execute test plans for new UI features Exploratory testing Help develop and document requirements Help educate and advocate for testing best practices and overall product quality Participate in design and documentation reviews Coordinate with multiple teams to understand requirements and get issues addressed Look at the product holistically and rigorously test the UI to find inconsistencies and issues that are difficult to test automatically. Identify and/or create environments/conditions needed for testing What you'll need: 3+ years experience You have tested and shipped products and features Experience testing web UI Experience writing and executing test plans Experience documenting technical requirements Knowledge of classes and testing methodologies Attention to detail and organization Comfort working on multiple projects simultaneously Comfort working with diverse stakeholders Courage to champion the user perspective and the quality of the project Pragmatism to prioritize issues and prevent perfect being the enemy of great Bonus points: Experience editing/proof-reading Knowledge of and experience in cybersecurity or productivity apps people globally Benefits of Working at CrowdStrike: Remote-first culture Market leader in compensation and equity awards Competitive vacation and flexible working arrangements Comprehensive and inclusive health benefits Physical and mental wellness programs Paid parental leave, including adoption A variety of professional development and mentorship opportunities Offices with stocked kitchens when you need to fuel innovation and collaboration We are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve. CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. Remote working/work at home options are available for this role.
Sep 21, 2022
Full time
and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight. Want to make an application Make sure your CV is up to date, then read the following job specs carefully before applying. About the Role: In this role, you'll be joining the Data Security team, which includes Data Protection and Insider Risk: products that protect data in customer environments. We are looking for a QA Analyst to join our team and help ensure our product UIs work well and address users' needs. You'll be joining a cross-functional, global UX team composed of software engineers, designers, researchers, and writers collaborating closely to deliver the best possible experience for our customers. What you'll do: Write and execute test plans for new UI features Exploratory testing Help develop and document requirements Help educate and advocate for testing best practices and overall product quality Participate in design and documentation reviews Coordinate with multiple teams to understand requirements and get issues addressed Look at the product holistically and rigorously test the UI to find inconsistencies and issues that are difficult to test automatically. Identify and/or create environments/conditions needed for testing What you'll need: 3+ years experience You have tested and shipped products and features Experience testing web UI Experience writing and executing test plans Experience documenting technical requirements Knowledge of classes and testing methodologies Attention to detail and organization Comfort working on multiple projects simultaneously Comfort working with diverse stakeholders Courage to champion the user perspective and the quality of the project Pragmatism to prioritize issues and prevent perfect being the enemy of great Bonus points: Experience editing/proof-reading Knowledge of and experience in cybersecurity or productivity apps people globally Benefits of Working at CrowdStrike: Remote-first culture Market leader in compensation and equity awards Competitive vacation and flexible working arrangements Comprehensive and inclusive health benefits Physical and mental wellness programs Paid parental leave, including adoption A variety of professional development and mentorship opportunities Offices with stocked kitchens when you need to fuel innovation and collaboration We are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve. CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. Remote working/work at home options are available for this role.
Threat Intelligence Researcher BAE Systems Applied Intelligence offers world class threat intelligence services to customers across the globe. Our team investigates some of the most complex state-sponsored threat actors and intrusions on a daily basis. We currently have a vacancy for a Threat Intelligence Researcher in our team. The successful candidate would be expected to support investigations, threat research and open source investigations for customers. We are looking for candidates with a strong understanding of the threat landscape which can be applied to supporting customer needs. Responsibilities: Investigate cyber intrusions and threat activity as part of the global Threat Intelligence team. Conduct research on threat actors (from hacktivist to criminal to state), and their tools, techniques, and procedures (TTPs) using commercial and open sources. Produce finished intelligence reports related to state and criminal threats, with insights into attacker techniques and identified campaigns. Provide clear and concise written responses to customer inquiries/requests, and brief customers on specific relevant threats. Report on the threat landscape and provide relevant trend analysis and technical insights to customers and other stakeholders. Work in a collaborative environment with other intelligence analysts, technical specialists, and customer facing consultants. Requirements: Experience tracking actors or campaigns and their associated tactics, techniques, and tools. Strong understanding of the cyber threat landscape and ability to communicate relevant insights to customers. Self-starter with ability to identify problems early and come up with solutions using own initiative. Ability to demonstrate comprehensive, practical knowledge of research / collection skills and analytical methods. Ability to write concisely and proficiently, and express complex technical and non-technical concepts verbally, graphically/visually, and in writing. Ability to communicate complicated technical challenges in business language to a range of stakeholders. Technical skills with an interest in one or more of the following: open source intelligence investigations, digital forensics, infrastructure analysis, threat hunting, or malware reverse engineering. Desirable skills: Experience in delivering intelligence led assessments such as CBEST or TIBER. Familiarity with threat data analysis and automation/scripting. Familiarity with visualisation tools such as Maltego. Life at BAE Systems Applied Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Applied Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Applied Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Government At BAE Systems Applied Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating. As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
Oct 07, 2021
Full time
Threat Intelligence Researcher BAE Systems Applied Intelligence offers world class threat intelligence services to customers across the globe. Our team investigates some of the most complex state-sponsored threat actors and intrusions on a daily basis. We currently have a vacancy for a Threat Intelligence Researcher in our team. The successful candidate would be expected to support investigations, threat research and open source investigations for customers. We are looking for candidates with a strong understanding of the threat landscape which can be applied to supporting customer needs. Responsibilities: Investigate cyber intrusions and threat activity as part of the global Threat Intelligence team. Conduct research on threat actors (from hacktivist to criminal to state), and their tools, techniques, and procedures (TTPs) using commercial and open sources. Produce finished intelligence reports related to state and criminal threats, with insights into attacker techniques and identified campaigns. Provide clear and concise written responses to customer inquiries/requests, and brief customers on specific relevant threats. Report on the threat landscape and provide relevant trend analysis and technical insights to customers and other stakeholders. Work in a collaborative environment with other intelligence analysts, technical specialists, and customer facing consultants. Requirements: Experience tracking actors or campaigns and their associated tactics, techniques, and tools. Strong understanding of the cyber threat landscape and ability to communicate relevant insights to customers. Self-starter with ability to identify problems early and come up with solutions using own initiative. Ability to demonstrate comprehensive, practical knowledge of research / collection skills and analytical methods. Ability to write concisely and proficiently, and express complex technical and non-technical concepts verbally, graphically/visually, and in writing. Ability to communicate complicated technical challenges in business language to a range of stakeholders. Technical skills with an interest in one or more of the following: open source intelligence investigations, digital forensics, infrastructure analysis, threat hunting, or malware reverse engineering. Desirable skills: Experience in delivering intelligence led assessments such as CBEST or TIBER. Familiarity with threat data analysis and automation/scripting. Familiarity with visualisation tools such as Maltego. Life at BAE Systems Applied Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Applied Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Applied Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Government At BAE Systems Applied Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating. As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.
What do we do?
We are an autonomous and independently audited cyber security evaluation centre, conducting security research into the safety and security of various products and services used inside of the UK such as smartphones to core networks in fibre broadband and 2G, 3G and 4G networks.
Due to the secure nature of our client’s project, the successful candidate must either hold valid or be willing to undergo DV Clearance prior to the commencement of the project. We’re conducting world leading security capabilities as well as using deep dive investigative techniques and elite vulnerability research. We don’t just run Nessus, if there isn’t a tool for what we want to test, we build one.
What do we need?
Above all else we’d like to speak with passionate and proactive offensive security professionals with a strong low level, ground up knowledge.
We’re not just running tick box exercises, that’s why you’ll need to know the fundamentals. You’ll be the sort of person that is fascinated by pulling things apart and breaking them; who comes across something a bit odd and can’t help but investigate it further.
In terms of technical experience, you’ll need to be familiar with:
* Reverse Engineering
* Exploit Development
* Using and/or creating bespoke tools
* Embedded Systems
* Networking
* Internet Protocol
* Static & Dynamic Analysis
* Bonus points for…
* Programming (Object oriented languages and/or assembly a bonus)
* Degree in Computer Science, Electrical Engineering, Robotics or similar
What’s in it for me?
You’ll get to literally throw everything at projects and investigate in ways that are not common place in other security teams. You’ll be dealing with bugs that could potentially effect the nation so you’ll be doing innovative vulnerability research in a fun and collaborative environment, using cutting edge technologies.
You’ll get to work with some of the most talented cyber security professionals in the country and benefit from their knowledge. You’ll be encouraged to cross skill and be free to take on personal research and personal development in the 20% of time we allocate. You’ll have access to an individual personal training budget and have plenty of opportunity to grow because we actively promote professional development.
If you’d like to discuss the role in more detail you can contact our recruitment partner Outsource UK for more information. Contact Shirin Fahri on (Apply online only) or email (url removed).
Alternatively, to skip this and meet us, contact us for details on our security event in Leamington on 25th October and receive our attendee challenge to get a ticket!
Shirin Fahri
(Apply online only)
(url removed)
Please visit our website (url removed)
Oct 29, 2018
What do we do?
We are an autonomous and independently audited cyber security evaluation centre, conducting security research into the safety and security of various products and services used inside of the UK such as smartphones to core networks in fibre broadband and 2G, 3G and 4G networks.
Due to the secure nature of our client’s project, the successful candidate must either hold valid or be willing to undergo DV Clearance prior to the commencement of the project. We’re conducting world leading security capabilities as well as using deep dive investigative techniques and elite vulnerability research. We don’t just run Nessus, if there isn’t a tool for what we want to test, we build one.
What do we need?
Above all else we’d like to speak with passionate and proactive offensive security professionals with a strong low level, ground up knowledge.
We’re not just running tick box exercises, that’s why you’ll need to know the fundamentals. You’ll be the sort of person that is fascinated by pulling things apart and breaking them; who comes across something a bit odd and can’t help but investigate it further.
In terms of technical experience, you’ll need to be familiar with:
* Reverse Engineering
* Exploit Development
* Using and/or creating bespoke tools
* Embedded Systems
* Networking
* Internet Protocol
* Static & Dynamic Analysis
* Bonus points for…
* Programming (Object oriented languages and/or assembly a bonus)
* Degree in Computer Science, Electrical Engineering, Robotics or similar
What’s in it for me?
You’ll get to literally throw everything at projects and investigate in ways that are not common place in other security teams. You’ll be dealing with bugs that could potentially effect the nation so you’ll be doing innovative vulnerability research in a fun and collaborative environment, using cutting edge technologies.
You’ll get to work with some of the most talented cyber security professionals in the country and benefit from their knowledge. You’ll be encouraged to cross skill and be free to take on personal research and personal development in the 20% of time we allocate. You’ll have access to an individual personal training budget and have plenty of opportunity to grow because we actively promote professional development.
If you’d like to discuss the role in more detail you can contact our recruitment partner Outsource UK for more information. Contact Shirin Fahri on (Apply online only) or email (url removed).
Alternatively, to skip this and meet us, contact us for details on our security event in Leamington on 25th October and receive our attendee challenge to get a ticket!
Shirin Fahri
(Apply online only)
(url removed)
Please visit our website (url removed)