דרושים » אבטחת מידע וסייבר » Embedded vulnerability Researcher- 2596

Requirements:
Offensive Mindset: Proven experience in exposing and exploiting vulnerabilities in complex systems. Embedded Expertise: Hands-on research experience with embedded/low-level systems. Network Communication Expertise: Deep understanding of the logic and vulnerabilities within network protocols and the ability to implement functional attacks against them. Security Fundamentals: Strong grasp of cybersecurity principles, including cryptography. Programming: Strong scripting and development skills in Python (for research/tooling) and C/C++ (for exploit development). Execution: A "get-things-done" attitude; self-driven and thrives in fast-paced, problem-solving environments.

Requirements:
B.Sc. or M.Sc. in Computer Science, Mathematics, or Engineering.
Published research (CVEs, blog posts, or talks).
Experience with RF communication schemes such as WiFi, Bluetooth, GPS
Experience with developing / researching in Android / iOS environments.

Requirements:
Deep understanding of embedded systems internals and OS.
5+ years of experience in real-time embedded systems development, writing code in Rust / C / C++ / Assembly.
Experience in reverse-engineering using disassemblers (IDA or GHIDRA).
Deep knowledge of network communication protocols and topologies.
Highly motivated and very creative individual.
Advantages:
Experience in vulnerability research.
Graduate of an elite technological unit in the IDF.
Bachelor's degree in computer science or engineering.

Requirements:
5+ years of experience in at least one of the following: security research, vulnerability research, malware analysis, threat intelligence, or detection engineering
Offensive security mindset with the ability to flip to the defensive side - finding attacks and building mitigations
Strong analytical skills - comfortable digging into unfamiliar code, protocols, or systems and figuring out how they break
Familiarity with operating system internals (Windows and/or macOS)
Hands-on experience with reverse engineering or dynamic/static analysis tools
Ability to write code for automation, tooling, and proof-of-concepts
Strong written and verbal communication - ability to write compelling research and present at conferences
Nice to have:
Solid understanding of web and browser security fundamentals
Experience with browser internals or browser extension security
Background in endpoint security, EDR, or DLP
Experience with static analysis tools (Semgrep, CodeQL, Joern, or similar)
Knowledge of software supply-chain attack patterns
Published security research - blog posts, CVEs, or conference talks (Black Hat, DEF CON, BSides, etc.)

Requirements:
To be a Security Researcher you need...
At least 3 years of experience as a Security Researcher
Vulnerability research experience in any of the following languages: Python, Node.JS, Java, C
Experience with code exploitation (for example, Penetration testing in backend environments or web applications, or binary exploitation)
Programming experience in Python
Experience in writing technical reports
Experience in binary reverse engineering - an advantage
DevOps experience - an advantage.

Requirements:
B.S. degree in Computer Science or a related field, or equivalent work experience.
At least 5 years of R&D experience.
In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques.
In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing.
Some prior experience performing open-ended research when given high-level requirements and details of the desired output.
Experience with pen-testing, researching, discovering, or publishing vulnerabilities.
Reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk). Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb).
Experience with C or C++, Assembly (x86/x64 and/or ARM/ARM64) and / or scripting languages.
One or more security related certifications (e.g. OSCP).
At least a years experience with Nessus Sensor and working with the NASL language.
An understanding of NASL coding standards.
Prior experience performing open-ended research when given high-level requirements and details of the desired output.
Some experience with reviewing code and providing feedback.
Experience with understanding and implementing RFC standards and protocols.
Experience with Python programming language.
Experience with systems administration and be comfortable working at the command line.
In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques.
In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing.
Some prior experience performing open-ended research when given high-level requirements and details of the desired output.
Some exposure to security standards such as NIST 800-53, CIS, or DISA STIGS.
In-depth protocol analysis and interaction. Solid knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing.
Experience with crash dump analysis and exploit development.
Experience writing blogs and whitepapers to showcase research as well as presenting at security conferences.
Ability to sit and work at a computer for extended periods of time.
Some travel may be required.

Requirements:
6+ years of hands-on experience in security research, with at least 3 years focused on vulnerability research, Red Teaming, or offensive cyber operations.
Proven track record of breaking complex systems across diverse environments (cloud, hybrid, on-prem, web applications, and container/VM escape).
Deep hands-on expertise in AI/ML security, including model architectures, adversarial ML tactics, and attacking LLM-based applications.
Advanced proficiency in multiple programming languages (e.g., Python, C/C++, Go) and a strong grasp of Windows/Linux internals and reverse engineering.
Demonstrated ability to innovate by developing original tools, frameworks, or techniques that enhance and automate security research.
Thorough understanding of the modern threat landscape, attacker kill chains, and the MITRE ATT&CK framework.

Requirements:
* B.Sc. in Electrical Engineering, Computer Engineering, Computer Science, or a related field.
* 6+ years of experience in Embedded systems / firmware development.
* Strong experience in low-level programming ( C / C ++) and system -level understanding.
* Hands-on experience working with Linux in Embedded environments.
* Proven ability to work across hardware and software interfaces ( system integration).
* Strong system -level thinking and architecture understanding.
* Ability to work independently and take full ownership of a domain.
* Experience or familiarity with Lua- Advantage

Requirements:
Requirements:
BSc or MSc in Electrical Engineering, Computer Engineering, or a related discipline.
3+ years of hands-on experience in Embedded Real-Time software development.
Strong proficiency in C / C ++ programming. Advantages:
Experience developing HAL drivers, Embedded systems, and low-level firmware.
Knowledge of memory-constrained systems and optimization of code and data paths.
Solid understanding of operating system concepts and system architecture.
Familiarity with 5G protocols and wireless communication concepts. Minimum Qualifications:
Bachelor's degree in Engineering, Information Systems, Computer Science, or related field.

Requirements:
Computer Science or equivalent degree graduate, or equivalent experience from an IDF tech unit.
Experience researching Android and/or iOS platforms familiarity with Linux internals is a plus.
Experience with low-level reverse engineering
Experience with reverse engineering tools and decompilers (e.g., JADX, JEB, IDA Pro, Ghidra)
Familiarity with instrumentation tools such as Frida - Advantage
Understanding of networking fundamentals and protocols
Proficiency with HTTP debuggers, MITM tools, and network analyzers (e.g., Fiddler, Burp Suite, Wireshark)
Experience analyzing mobile application network communication and APIs
Experience with scripting or automation (Python preferred)
Hands-on experience in object-oriented development, preferably using .NET / C#
Excellent communication skills and the ability to work independently and collaborate effectively with team members
Strong problem-solving skills and attention to detail
Strong self-learning skills and motivation to make an impact