This job ad has been posted over 30 days ago...



Exploit and Vulnerability Researcher Full-time

at Payatu Software Labs LLP in Pune (Published at 21-07-2017)

We looking for individuals passionate about vulnerability discovery, reverse engineering, and exploit development to join our esteemed team. This role would be responsible for discovering and exploiting vulnerabilities affecting high profile commercial and consumer software. The work includes attack vector enumeration, static or dynamic analysis of the target, reverse engineering, debugging, identification of vulnerabilities, exploitation, and technical documentation.

Candidates should have the following Skills:
- The ability to read and understand x86/x64 assembly code
- Demonstrated ability to discover zero-day vulnerabilities in modern software
- Demonstrated ability to exploit modern software
- Knowledge in exploitation technology, such as Shellcode, Heap Spray, ROP etc.
- Proficiency with reverse engineering tools like debuggers, IDA Pro.
- Solid programming skills with languages such as C, C++, Python or Ruby is required

You should apply if you:

- Have thorough understanding of a wide range of vulnerability classes
- Have history of publishing or presenting good research
- Are passionate about your area of expertise and self driven
- Have the knack of finding security bugs in everything you touch
- Love working for the end result and not the effort put in
- Like automating stuff
- Like writing tools
- Are comfortable working in dynamic and fast paced work environment
- Have good written and verbal communication skills and ability to express your thoughts clearly
- Have ability to work independently and meet project schedule and deadlines
- Have Strong problem solving, troubleshooting and analysis skills
- Have Excellent inter-personal and teamwork skills
- Are Self-driven, proactive, hard working, team-player

Min. Criteria for applying:

- No bar on educational qualification
- You must have a proven track record in security
- You should have authored a security tool/plugin
- Spoken at security conferences where papers are selected through CFP
- Written research papers, books, blogs, articles etc
- An active member of any security community or group
- Working on something on your own in your field apart from official work
- Written and submitted exploits in exploitdb, securityfocus and other available forums
- Regularly participate in CTFs and bug bounties

Workplace and Benefits
- Research oriented and we promote research culture
- Paid leave and logistics assistance on submitting your research on international conference.
- You will get to work on new technology.
- Be a part of nullcon Goa and Netherlands crew and meet/interact with world class researchers.
- Work on security research domain of your expertise and get paid for it too.
- Research ideas to execution support

Location: Pune, India

About Payatu:
At Payatu we believe in following one's passion and with that thought we have created a world class team of researchers and executors who are bending the rules to provide state of the art security services. We are a passionate bunch of folks working on the latest and leading edge security technology. We are proud to be part of a vibrant security community and don't miss any opportunity to give back. Some of the contribution in the field reflects our dedication and passion
- nullcon - nullcon Security Conference is an annual Security event held in Goa, India which is a must attend event for researchers in India and abroad. After 6 years of efforts put in the event, it has now become a world renowned platform to showcase new research.
- - hardwear Security Conference is an annual Hardware Security event held in The Hague, Netherlands. It is being organized to answer the emerging threats and attacks on hardware. We aim to make it the largest platform where hardware security innovation happens.
- Dedicated Fuzzing Infrastructure - We are proud to be one of the few security research companies to own an in-house infrastructure and hardware for distributed fuzzing of software such as browsers, client and server applications etc.
- null - It all started with null - The open security community in 2008 as we were eager to learn and have a place for security researchers to network and learn together. At that time there was no common place for passionate researchers to meet and discuss about security. The founders put the seed to initiate a community which would later grow to become a registered non-profit society and one of the most active security communities in India with chapters in various cities in India and in Singapore and Amsterdam. null is driven totally by passionate volunteers.
- Open source - Our team regularly authors open source tools to aid in security learning and research.

Note: Applications have been closed.

Recent jobs at Payatu Software Labs LLP

Viewed: 3401 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend