Cyber Vulnerability Researcher - Penetration Tester

Recruiter
Major Technical
Location
Gloucester
Posted
21 Mar 2019
Closes
07 Apr 2019
Sector
Public Sector
Contract Type
Permanent
Hours
Full Time
Job DescriptionCyber Vulnerability Researcher - Penetration Tester I am currently recruiting for an experienced Penetration Tester within Cyber Vulnerability to work on a permanent basis for my Defence client based in Gloucester. As the Cyber Vulnerability Researcher you will be required to work on a large range of projects including reverse engineering and complete write ups passing on the knowledge of development testing. The main responsibilities are as follows; * Conduct research and analysis of new vulnerabilities in software, firmware, devices and systems. * Review, isolate, analyse and then reverse-engineer programs that are vulnerable or malicious code to determine and understand the specific nature of the threat. * Document specific attack capabilities of specimens exploits (code, virus, etc.) and understand the concepts involved. * Create a detailed technical report concerning the threat, along with proof of concept code. * Maintain current knowledge of published vulnerabilities and on current and potential attacks and prepare counter-measures. * Provide guidance to others about how to detect identified threats and defend against them in a timely manner. * Analyse common network services and software applications to discover new and potential vulnerabilities Key Skills/ Experience Essential * Static and dynamic code / process analysis. * Vulnerability research, reverse engineering using appropriate tools * Penetration testing. * Extensive knowledge of C/C++, python, assembly language or additional scripting and programming languages. * Currently hold or be willing to undergo SC clearance Desirable * At least a bachelor's degree in computer science or similar subject. * Experience within the industry. * Experience with system security and de-bugging experience in C (Unix and/or Windows environments). * Relevant experience involving WinDbg, OllyDbg, BinDiff and IDA Pro. * In-depth knowledge of TCP and IP protocols. * Experience with signature development and penetration testing, along with writing exploit code. * Knowledge of fault injection frameworks or fuzzing and virtualization

Similar jobs

Similar jobs