We are seeking highly skilled and motivated Security Research Experts to join a project focused on analyzing crashing inputs in open-source software.
The successful candidates will be responsible for triaging crashes, identifying security vulnerabilities, assessing their real-world impact, and developing proof-of-concept (PoC) exploits.
This role requires a deep understanding of vulnerability research, reverse engineering, and exploit development.
Responsibilities:
• Triage and validate crash reports to determine their security relevance.
• Perform indepth root cause analysis of complex software vulnerabilities.
• Assess the exploitability of vulnerabilities and determine their potential impact.
• Develop reliable PoC exploits for confirmed security vulnerabilities.
• Clearly and concisely document all findings, including root cause, reproduction steps, and security impact.
Main Requirements:
• Proven experience in vulnerability research, reverse engineering, and exploit development.
• Strong understanding of common vulnerability classes, especially memory corruption bugs (e.g., buffer overflows, useafterfree, type confusion).
• Proficiency with debugging and analysis tools such as GDB, WinDbg, IDA Pro, or Ghidra.
• Handson experience with dynamic analysis tools and sanitizers (e.g., ASan, UBSan, Valgrind).
• Familiarity with modern exploit mitigation techniques (e.g., ASLR, DEP/NX, Stack Canaries, CFI).
• Solid understanding of operating system internals, memory management, and computer architecture.
• Excellent written and verbal communication skills, with the ability to produce clear and comprehensive technical documentation.
Logistics:
Pay range:
$55 - $75/hr depending on experience
Expected weekly hours: 10-40
Location requirements:
remote, global (U.S. preferred)
