Key skills
PythonC++CAssembly
About this role
Cisco is a leading technology company that focuses on revolutionizing how data and infrastructure connect and protect organizations. They are seeking a Security Research Engineering Technical Leader to support cutting-edge detection and mitigation technologies, conduct vulnerability research, and develop tools for vulnerability analysis and mitigation.
Responsibilities:
- Security research including development of tools for vulnerability analysis and mitigation
- Development of static and run-time analysis tools to figure out root cause and input conditions related to a vulnerability
- Vulnerability triage and proof of concept exploit development to support the creation of detection content
- Write detailed technical reports, summaries, and testing methodologies
- Research emerging technologies, protocols, and testing methodologies
- Develop proof of concept exploits for testing vulnerability mitigations
- Perform patch analysis to find and trigger vulnerabilities
- Reverse engineer binary applications, protocols, and formats
- Analyze vulnerabilities and emerging security threats and technologies
- Provide critical security focused expertise to engineering organizations
Requirements:
- 10+ years of experience in vulnerability research or a closely related area such as exploit or mitigation development on Linux Systems
- 5+ years' experience with C/C++, and a scripting language (e.g., Python), and assembly (e.g., x86/x64, ARM, etc.)
- Bachelor's degree or equivalent in Computer Science, Electrical Engineering, Cyber Security, or other tech-related degree
- Experience with Linux internals
- Experience with binary auditing and reverse engineering, and with related tools such as IDA Pro, Binary Ninja, Ghidra, etc. and with plugin development
- Experience with common vulnerabilities and methods of exploitation, such as memory corruption, web application exploitation, file format vulnerabilities, protocol-based weaknesses, etc
- Knowledge of common file formats, network protocol structures, and enterprise networking architecture
- Ability to work independently with minimum supervision and to tackle additional tasks as the need arises