Zero-Day Vulnerability Researchers / Browsers

Position: Browser Exploitation Specialists / Zero-Day Vulnerability Researchers
Reference: ZDM2017BRW
Status: Full Time
Location: Remote/Telecommuting or on site (flexible)

Roles and Responsibilities

ZERODIUM conducts its own internal zero-day research in addition to external zero-day vulnerabilities acquired from third-party contributors. To expand its internal research team and capabilities, ZERODIUM is looking for experienced zero-day vulnerability researchers specializing in browser security.

You will be responsible for researching and finding zero-day vulnerabilities in major web browsers and plugins (Flash, IE/Edge, Chrome, Firefox, or Safari), and developing sophisticated exploits on either Windows or Mac OS X.

You must have the ability to work as part of a team as well as independently, and must recognize and deal appropriately with highly confidential and sensitive information.

Key Qualifications

- Demonstrated experience and proven track record in discovery of browser zero-day vulnerabilities (Flash, IE/Edge, Chrome, Firefox, or Safari).
- Demonstrated experience and proven track record in browser exploit development on at least one modern OS (either Windows or Mac OS X).
- In-depth knowledge of x86/x64 assembly code and browser-related programming languages (e.g. HTML5, JavaScript, or ActionScript).
- In-depth knowledge of the inner-workings of modern operating systems, major browsers/plugins, and related exploit mitigations.
- Relevant experience with RE tools such as OllyDbg, ImmunityDbg, WinDbg, gdb, IDA Pro, etc.
- Experience with mutation-based and generation-based fuzzing, or code coverage/instrumentation are a plus.

Benefits

- As a ZERODIUM team member, you will receive a competitive salary plus an attractive bonus for each zero-day exploit that you develop.
- As a ZERODIUM team member, you can work remotely from home (telecommuting) or from one of our international locations.
- As a ZERODIUM team member, you will travel to various international conferences and attend events sponsored by ZERODIUM.

Apply

To apply for this position, please send your resume to:

Zero-Day Vulnerability Researchers / Kernel

Position: Kernel Exploitation Specialists / Zero-Day Vulnerability Researchers
Reference: ZDM2017KRN
Status: Full Time
Location: Remote/Telecommuting or on site (flexible)

Roles and Responsibilities

ZERODIUM conducts its own internal zero-day research in addition to external zero-day vulnerabilities acquired from third-party contributors. To expand its internal research team and capabilities, ZERODIUM is looking for experienced zero-day vulnerability researchers specializing in kernel security.

You will be responsible for finding zero-day vulnerabilities in kernel-level components of major operating systems and developing sophisticated exploits for these vulnerabilities.

You must have the ability to work as part of a team as well as independently, and must recognize and deal appropriately with highly confidential and sensitive information.

Key Qualifications

- Demonstrated experience and proven track record in discovery of kernel-level vulnerabilities (either Windows, Linux, or Mac OS X).
- Demonstrated experience and proven track record in kernel-mode exploit development on at least one modern OS (Windows, Linux, or Mac OS X).
- In-depth knowledge of x86/x64 assembly code, C/C++, exploit mitigations, and inner-workings of modern operating systems.
- Relevant experience with RE tools such as WinDbg, (k)gdb, IDA Pro, etc.

Benefits

- As a ZERODIUM team member, you will receive a competitive salary plus an attractive bonus for each zero-day exploit that you develop.
- As a ZERODIUM team member, you can work remotely from home (telecommuting) or from one of our international locations.
- As a ZERODIUM team member, you will travel to various international conferences and attend events sponsored by ZERODIUM.

Apply

To apply for this position, please send your resume to:

Zero-Day Vulnerability Researchers / Mobile

Position: Mobile Exploitation Specialists / Zero-Day Vulnerability Researchers
Reference: ZDM2017MOB
Status: Full Time
Location: Remote/Telecommuting or on site (flexible)

Roles and Responsibilities

ZERODIUM conducts its own internal zero-day research in addition to external zero-day vulnerabilities acquired from third-party contributors. To expand its internal research team and capabilities, ZERODIUM is looking for experienced zero-day vulnerability researchers specializing in mobile security.

You will be responsible for finding zero-day vulnerabilities in major mobile platforms (Android, iOS, or Windows Mobile) and mobile applications (browsers, media/file players, drivers, kernel), and developing sophisticated exploits for these vulnerabilities.

You must have the ability to work as part of a team as well as independently, and must recognize and deal appropriately with highly confidential and sensitive information.

Key Qualifications

- Demonstrated experience and proven track record in discovery of mobile zero-day vulnerabilities (browsers, media/file players, drivers, kernel).
- Demonstrated experience and proven track record in exploit development on at least one mobile OS (Android, iOS, or Windows Mobile).
- In-depth knowledge of ARM assembly code, inner-workings of mobile operating systems and apps, and related exploit mitigations.
- Relevant experience with RE tools and development frameworks for mobile OS (Android, iOS, or Windows Mobile).

Benefits

- As a ZERODIUM team member, you will receive a competitive salary plus an attractive bonus for each zero-day exploit that you develop.
- As a ZERODIUM team member, you can work remotely from home (telecommuting) or from one of our international locations.
- As a ZERODIUM team member, you will travel to various international conferences and attend events sponsored by ZERODIUM.

Apply

To apply for this position, please send your resume to: