-
Security Researcher
2 weeks ago
Microsoft London, United KingdomSecurity represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, an ...
-
Security Researcher
3 days ago
Vectra London, United KingdomVectra is the leader in AI-driven threat detection and response for hybrid and multi-cloud enterprises. · **Security Researcher** · **Position Overview** · Vectra AI's Security Research Team represents the core security knowledge and research capability within the company - taske ...
-
Security Investigate Researcher
2 weeks ago
Chelsea Football Club London, United Kingdom**Job Title - Security Investigative Researcher** · **Location - Stamford Bridge** · **Permanent Role** · **Hours - 40 hours per week (5 of 7 days)** · **About Us**: · As a member of the Chelsea team you will become part of a long and proud history in the heart of iconic west Lon ...
-
Cyber Security Researcher
1 week ago
Department for Science, Innovation & Technology London, United Kingdom**Details**: · **Reference number**: · **Salary**: · - £65,000 - £135,000- Base salary of between £35,720 (L3) - £68,770 (L6) which is supplemented with an allowance between £29,280 to £66,230**Job grade**: · - Other- L3, L4, L5, L6**Contract type**: · - Fixed term · - Secondment ...
-
Principal Security Researcher
2 weeks ago
watchTowr London, United Kingdom**Hello, let us introduce ourselves** · We are watchTowr, a VC-backed cyber-security start-up headquartered in Singapore. Cyber security veterans and technical experts, we are obsessed with continuously finding ways to break into enterprises, while building technology for some of ...
-
Senior Security Researcher
3 days ago
Zscaler London, United KingdomCompany Description · With more than 10 years of experience developing, operating, and scaling the cloud, Zscaler serves thousands of enterprise customers around the world, including 450 of the Forbes Global 2000 organizations. In addition to protecting customers from damaging th ...
-
Ai Cyber Security Researcher
3 weeks ago
Park Lane Recruitment Ltd London, United Kingdom* Onsite Working · - Israel · - Cyber Security · Senior Researcher - AI Cyber Security · - Research of Europe · - Israel · - Office based working · Are you someone who enjoys using your research mindset to explore and innovate? · - Do you want to shape your world and change the w ...
-
Senior Cyber Security Researcher
2 weeks ago
Recorded Future London, United KingdomWith 1,000 employees, over $250M in sales, 1,500+ clients, and rapid year-over-year growth, Recorded Future is the world's most advanced, and largest, intelligence company · **Senior Cyber Security Researcher/Reverse Engineer, Reverse Engineering Team**: · Reverse Engineering Tea ...
-
Ai Cyber Security Researcher Uk
3 weeks ago
Park Lane Recruitment Ltd London, United Kingdom* Senior Researcher · - Hayes, UK · - Onsite Working · Senior Researcher · - AI Cyber Security · - Research of Europe · - Hayes, UK · Are you someone who enjoys using your research mindset to explore and innovate? · Do you want to shape your world and change the way it works? · D ...
-
Social Researcher: Cyber Security Skills
1 week ago
Department for Digital, Culture, Media and Sport London, United Kingdom**Details**: · **Reference number**: · **Salary**: · - £31,884 - £39,587- London £35,038 - £39,587 //National £31,884 - £36,024. Plus, £4,000 for specialist/ analysts allowance applicable to both pay scales.**Job grade**: · - Higher Executive Officer · - Senior Executive Officer- ...
-
Ai Cyber Security Researcher Uk
6 hours ago
Park Lane Recruitment Ltd London, United Kingdom**Senior Researcher**: · - **Hayes, UK**: · - **Onsite Working** · **Senior Researcher · - AI Cyber Security** · - Research of Europe · - Hayes, UK · - Are you someone who enjoys using your research mindset to explore and innovate? _ · - Do you want to shape your world and change ...
-
Google London, United Kingdom**Minimum qualifications**: · - Bachelor's degree in Computer Science, Cybersecurity, a related technical field, or equivalent practical experience.- Experience working in baseband security and related protocols, including device security, system software security, or telecommuni ...
-
Intern, Cyber Security Researcher 5000 Base in
2 weeks ago
eFinancialCareers London, United KingdomRef. Number: IN23013 · Department: Information Technology Department · **Job Type**: Internship · Posting Date: January 19, 2023 · Closing Date: February 10, 2023 · Location: Beijing/Virtual · Duration: 3 months · Start Date: May or June, 2023 · **Intern, Cyber Security Research* ...
-
Principal Security Researcher
2 weeks ago
Usurpo England, United KingdomPrincipal Security Researcher | UK · Usurpo are currently partnering with an exciting early stage startup focused on Continuous Automated Red Teaming and Attack Surface Management. They have received two rounds of funding and have already closed some great customers across many c ...
-
Privacy and security researcher
11 hours ago
Zendata United KingdomCompany Description · Zendata is a full stack cloud data security platform that specializes in helping CISOs, DevOps, and Compliance teams embed privacy and security controls and protocols across their assets and SDLC. With a focus on data risk management and privacy compliance, ...
-
Principal Security Researcher
4 days ago
Oracle united kingdom, United KingdomSenior Principal Security Researcher – UK, remote · Global Product Security's Ethical Hacking Team (EHT) is seeking experienced, passionate and talented security researchers who relish the challenge of assessing large, complex software products. As a member of the EHT you will b ...
-
Security Intelligence Researcher
2 weeks ago
SSR General & Management London, United Kingdom Full timeSecurity Intelligence ResearcherLocation flexible within EuropeThis is an exciting opportunity to join this successful Global industry leader. Due to the success of their products, our client is looking for a passionate and dedicated Security Intelligence Researcher / Analyst to ...
-
Security Intelligence Researcher
2 weeks ago
SSR Personnel United KingdomSecurity Intelligence Researcher - Europe (Remote) Location flexible within Europe · Due to the success of their products, our client is looking for a passionate and dedicated Security Intelligence Researcher / Analyst to help fight against counterfeit goods and illicit trade. ...
-
Security Intelligence Researcher
1 week ago
SSR General & Management London, United Kingdom Permanent, Full timeSecurity Intelligence Researcher · Location flexible within Europe · This is an exciting opportunity to join this successful Global industry leader. Due to the success of their products, our client is looking for a passionate and dedicated Security Intelligence Researcher / Analy ...
-
Privacy and security researcher
1 hour ago
Zendata London, United KingdomCompany DescriptionnZendata is a full stack cloud data security platform that specializes in helping CISOs, DevOps, and Compliance teams embed privacy and security controls and protocols across their assets and SDLC. With a focus on data risk management and privacy compliance, Ze ...
Principal Security Researcher - United Kingdom - Oracle
Description
Senior Principal Security Researcher – UK, remote Global Product Security's Ethical Hacking Team (EHT) is seeking experienced, passionate and talented security researchers who relish the challenge of assessing large, complex software products.
As a member of the EHT you will be responsible for planning and delivering in-depth security assessments across Oracle's entire product and service portfolio.
With hundreds of products spanning many different vertical markets, your next project could be anything from static and dynamic analysis of a multi-node Java infrastructure, to writing a fuzzer for an undocumented network protocol or the grammar of a new programming language, to analysis and reverse engineering of firmware used in the thousands of servers supporting our cloud services.
Creativity is highly valued; being able to find novel bugs and stitch them together to create something greater than the sum of their parts is essential in this role.
This is not your run-of-the-mill pentesting gig where you grind out web application assessments week in week out.The EHT is a dedicated security research group who invest the same amount of time and effort into breaking a product as you would expect from a state-sponsored APT.Unlike an APT team, however, we're not only invested in finding bugs but also making sure they are fixed correctly and don't happen again.
We don't just need people who can find CVSS 10s, we need people who can use their skills and share their expertise to effect meaningful change across the company.
A successful candidate must have genuine excitement for and interest in security, as well as the desire to share knowledge and help others learn.
Your work will benefit thousands of Oracle engineers worldwide and shape the future of product security within one of the largest software companies in the world.
Role's core responsibilities:
Scope and execute security assessments across a broad range of on-premise and cloud services; develop proof-of-concept code or end-to-end exploits for bugs you've identified.
Collaborate with engineering teams to help them triage and fix security issues, identifying systemic security weaknesses to create secure coding guidance that will educate all engineering teams within Oracle.
Produce documentation, presentations and supporting material to deliver your findings to senior figures within the development organisation and your own management chain.
Target profile and skillset:
5+ years industry experience in a software/product assessment or penetration testing role.
Proficiency reviewing code written in a variety of programming languages, including at least one of C, C++, Java or JavaScript.
Extensive experience of vulnerability research and exploit development on Linux or Windows.Experience using common software security assessment tools in the following categories:
Reverse Engineering (e.g. IDA Pro/Ghidra/Radare2)Network protocol analysis (e.g. Wireshark/tcpdump)Debugging (e.g. gdb, WinDbg, Intel Pin)Static code analysis (e.g. Fortify SCA, Coverity, SonarQube)Fuzzers and instrumentation (e.g. Jazzer /AFL/Boofuzz/AddressSanitizer)Web Application assessment (e.g. BurpSuite )Experience of creating new tools and scripts for novel assessment targets and vulnerability classesExperience with threat modelling and architecture analysis of complex applications.
Extensive knowledge of common vulnerabilities in different types of software and programming languages, including:
How to test for and exploit themReal world mitigations that can be appliedFamiliarity with vulnerability classification frameworks (e.g. OWASP Top 10)Desirable Skills/QualificationsBachelor's or Master's degree in Computer Science or related field (e.g. Electrical Engineering)Experience working in a large cloud or Internet software company Required Soft Skills Aptitude for self-study, setting and achieving long term goals (for example, learning an unfamiliar programming language)Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staffExcellent organizational, presentation, verbal and written communication skills