|at Block.one (view profile)|
|Location||NORTHERN VIRGINIA, United States|
|Date Posted||August 21, 2019|
Customer or Business Operations Support
Office · Full time
We are looking for a Senior Security Researcher to work on source code review, fuzzing, penetration testing of applications, and code / vulnerability remediation support.
- Work as a key security researcher within an elite engineering team delivering industry-leading blockchain protocols and applications
- Perform web application penetration testing, source code reviews, and/or network penetration testing.
- Support project tasks and deadlines for engineering teams spanning multiple timezones.
- Create unique tools to assist in research project goals.
- Exploit vulnerabilities found in client systems; and clearly communicate complex vulnerabilities to both technical and non-technical staff.
- Create detailed technical reports explaining technical and business risk of the vulnerabilities found to include actionable recommendations/considerations.
- Participate in project conference calls with internal engineering stakeholders
- Provide technical leadership/mentorship to the security and engineering teams.
- Contribute to the security industry through presentations, blog posts, whitepapers, responsible disclosure, and/or research.
Required skills and qualifications
- 5+ years of experience in the following areas:
- Performing senior-level penetration testing
- Performing code reviews
- Demonstrating high ethical standards
- Applying offensive security methodologies
- Strong technical skills in some variety of the following disciplines:
- Network penetration testing
- Mobile application penetration testing (iOS and Android)
- Web Services penetration testing (RESTful and SOAP)
- Proficient in at least one mainstream programming language (Java, .NET, C or C++)
- Hardware/Embedded system hacking
- Reverse Engineering