Trellix N-day Vulnerability Researcher in Boston, Massachusetts

Job Title:

N-day Vulnerability Researcher

Role Overview:

The Trellix Labs advanced threat research team focuses on leading edge security research. The larger organization is tasked with discovery and analysis of critical vulnerabilities, malicious actors, campaigns, and cutting-edge attack techniques.

The role of the N-Day Vulnerability Researcher will focus on producing technical documentation, and potentially accompanying internal-only exploit code, for recently patched vulnerabilities in a wide variety of software. This will include tracking down the latest CVEs / N-day vulnerabilities, triaging the most important ones, and providing technical intelligence documentation both internally and externally. It will be challenging yet highly rewarding. The technical documentation will include, but is not limited to, detailed root cause analysis of vulnerabilities, exploitation, and suggested mitigations or detection techniques. This work will have the opportunity to strengthen our threat intelligence teams in covering N-day vulnerabilities. Additionally, qualified candidates will have the opportunity to work alongside the zero-day research team members on zero-day vulnerability discovery and exploitation projects.

Candidates will be expected to use their development and analytical skills to drive meaningful vulnerability research while exploring new research tools and techniques. A successful candidate will be able to drive N-day analysis and approach problems from multiple angles with little direction while effectively communicating their process and findings to others internally and externally.

Depending on the scope, research projects can span from days to weeks and often involve collaboration with one or more teammates. Researchers are expected to participate in the Trellix responsible vulnerability disclosure process for any zero-day findings. Sharing findings internally and externally is equally important. This often takes the form of blog posts and/or conference talks.

Requirements:

  • Strong procedural programming skills, and extensive development experience in OO languages including C/C++. Highly proficient in one or more scripting languages such as JavaScript, Python, Perl, Bash, or Ruby.

  • Strong *nix and Windows experience. Candidates should be very comfortable using command line tools, and understanding operating system essentials such as memory management, kernel and user mode, 3rd party software/drivers, and more.

  • Experience working with Microsoft Windows patch files

  • Experience patch diffing on multiple platforms

  • Experience writing and executing YARA rules for hunting

  • Networking experience – ability to read and dissect network traffic and packet structure, ideally experience using network tools such as Wireshark, Scapy, and more.

  • Solid understanding of vulnerabilities including techniques, mitigations, and exploitation

  • Proficiency in reverse engineering – knowledge of assembly, various architectures such as ARM, MIPS, x86 etc., static/dynamic

  • Strong experience using disassemblers and debuggers such as: IDA Pro, Ghidra, WinDBG, GDB

  • Strong technical writing skills – experience delivering technical content in a variety of formats including blogs, whitepapers, conference presentations, and more

  • Researcher mentality – driven to find and explore security issues or implementations, and corresponding ability to analyze and present findings

  • Candidates should be able to adapt to new problems and learn new skills to solve them

  • Ability to interface with multiple internal and external entities for collaboration and problem solving

Beneficial, but not required:

  • Experience with underground intelligence gathering

  • Prior experience with Microsoft’s MAPP program

  • Experience using MISP Threat sharing

  • Experience authoring Metasploit modules

  • Cloud and/or mobile vulnerability research or analysis experience

  • Prior published work in the field of exploitation or general vulnerability research

  • Previously presented at mainstream conferences such as Black Hat, DEF CON, etc.

Company Benefits and Perks:

We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

  • Pension and Retirement Plans

  • Medical, Dental and Vision Coverage

  • Paid Time Off

  • Paid Parental Leave

  • Support for Community Involvement

We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
