[Dailydave] COSEINC is hiring

Thomas Lim thomas at coseinc.com
Wed May 20 01:16:25 EDT 2015


hi DD readers

COSEINC is hiring the following roles. if you are interested, please
send your detailed CV to info at coseinc.com.

1. Mobile Security Researchers
2. Virtualization Security Researchers
3. Web Browsers Security Researchers
4. Linux Security Researchers

Mobile Security Researcher

Job Descriptions:
•	Perform cutting edge vulnerability research on IOS or Android.
•	Write detailed technical reports and develop PoC code to demonstrate
security issues found.
•	Recommend remediation measures to mitigate the vulnerabilities.
•	Stay updated on the security landscape, especially in the area of
mobile vulnerabilities.

Requirements:
•	Experience with Reverse Engineering , Debugging and Code Analysis on
IOS or Android
•	Experience with vulnerability research on IOS or Android
•	Solid understanding of IOS/Android security model, how they are
implemented and how they can be bypassed
•	Ability to create POC exploits that demonstrates the severity of
security vulnerabilities found
•	Strong problem solving and analysis skills
•	Good track record in the area of IOS and Android vulnerability
research, demonstrated  by the following:
	- Issued security advisories
	- Relevant work experience
	- Presented at renowned conferences
	- Wrote blog/articles on relevant topics


Virtualization Security Researcher

Job Descriptions:
•	Perform cutting edge vulnerability research on Hypervisor technology.
•	Write detailed technical reports and develop PoC code to demonstrate
security issues found.
•	Recommend remediation measures to mitigate the vulnerabilities.
•	Stay updated on the security landscape, especially in the area of
hypervisor vulnerabilities.

Requirements:
•	Experience with Binary Analysis and Reverse Engineering
•	Experience with researching on VMware Hypervisors
•	Ability to create POC exploits that demonstrates the severity of
security vulnerabilities found
•	Good record of performing hypervisor related vulnerability research,
demonstrated  by the following:
    - Wrote blog/articles on relevant topics
    - Training classes
    - Presented at renowned conferences
    - Publicly disclosed CVEs
    - Relevant work experience
    - Substantial code contributions to open-source hypervisors


Web Browsers Security Researcher

Job Descriptions:
•	Perform cutting edge vulnerability research on web browsers (running
on Windows OS).
•	Identify and audit browsers for bugs that may lead to RCE and
bypassing/mitigation of  security mechanisms
•	Write detailed technical reports and develop PoC code to demonstrate
security issues found.
•	Recommend remediation measures to mitigate the vulnerabilities.
•	Stay updated on new security technologies that may impact web browsers

Requirements:
•	Experiences in auditing browsers running on Windows for bugs that may
lead to remote code execution (RCE)
•	Good understanding of different browser security mechanisms, such as
sandboxes, and preferably experiences in auditing these mechanisms to
bypass/mitigate them
•	Ability to create POC exploits that demonstrates the severity of
security vulnerabilities found
•	Good track record, demonstrated through one or more of the followings:
	- Issued security advisories
	- Relevant work experience
	- Presented at renowned conferences
	- Wrote blog/articles on relevant topics


Linux Security Researcher

Job Descriptions:
•	Perform source code auditing to identify bugs within Linux kernel or
open-source applications that may bypass existing security mitigations,
thereafter leading to code
execution.
•	Write detailed technical reports and develop PoC code to demonstrate
security issues found.
•	Recommend remediation measures to mitigate the vulnerabilities.
•	Stay updated on the Linux security landscape

Requirements:
•	Experiences in auditing source code for Linux Kernel and open-source
applications (and services) for bugs that may lead to code execution
•	Good understanding of kernel and userspace exploitation, preferable
with experiences in developing proof-of-concepts to demonstrate the
severity of bugs found
•	Demonstrate requirements a. and b. through one or more of the following
    - Issued security advisories
    - Relevant work experience
    - Presented at renowned conferences
    - Wrote blog/articles on relevant topics

-- 
Thank you
Thomas Lim


More information about the Dailydave mailing list