Zscaler

Senior Threat Researcher - Vulnerability Research, Fuzzing, Windows

Bengaluru, Karnataka, India

Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Cloud Security, CybersecurityIndustries

Requirements

Candidates must have at least 5 years of experience in vulnerability research and exploit development, with significant experience using debuggers like OllyDbg, WinDbg, or x64dbg, and disassemblers/decompilers such as IDA Pro or Ghidra. Proficiency in common software vulnerabilities and binary exploitation is required, along with experience building automated fuzzing tools to discover new vulnerabilities. A track record of responsible disclosure with documented CVEs for Microsoft products and services is necessary, and candidates should be comfortable presenting technical research to large audiences. Preferred qualifications include professional English writing skills for blogs and technical reports, deep knowledge of Windows operating system internals including kernel architecture, and familiarity with Windows security features like ASLR, DEP, and Control Flow Guard, as well as evasion techniques.

Responsibilities

The Senior Threat Researcher will lead advanced vulnerability research projects to enhance security solutions, conduct in-depth research to identify zero-day vulnerabilities in popular software applications, and develop proof-of-concept exploits to demonstrate their potential impact. They will also mentor and guide junior researchers to foster a culture of continuous learning and innovation, document findings with detailed technical reports, and present research at industry conferences.

Skills

Vulnerability Research
Fuzzing
Windows
Threat Intelligence
Zero-day Vulnerabilities
Proof-of-Concept Development

Zscaler

Cloud-based cybersecurity and secure gateway services

About Zscaler

Zscaler provides cloud-based information security services, focusing on internet, web, and cloud security. Its platform functions as a secure gateway that inspects all internet traffic between users and applications, ensuring that threats are identified and stopped before they can access a client's network. This service is offered through a subscription model, allowing large enterprises and government organizations to select the level of security that meets their needs. Zscaler differentiates itself from competitors by offering a strong partner program that enhances market reach and provides partners with training and resources. The company's goal is to support secure digital transformation for its clients by delivering reliable security solutions.

San Jose, CaliforniaHeadquarters
2008Year Founded
$148.8MTotal Funding
IPOCompany Stage
Enterprise Software, CybersecurityIndustries
5,001-10,000Employees

Benefits

Comprehensive health plans
Supportive parental & family leave
On-demand learning & development
Company-sponsored volunteering
Global tuition assistance program
Guilt-free paid time off

Risks

Emerging cybersecurity firms may erode Zscaler's market share.
Economic downturns could impact Zscaler's subscription-based revenue model.
The retirement of CFO Mr. Canessa may lead to financial instability.

Differentiation

Zscaler offers a 100% cloud-based security platform, eliminating on-premise hardware needs.
The company is a Gartner magic quadrant leader for secure web gateways.
Zscaler's platform inspects all internet traffic, ensuring threats are neutralized pre-network.

Upsides

Zscaler's FY/25 guidance was revised upward, indicating strong financial performance.
The partnership with Bharti Airtel enhances Zscaler's zero-trust architecture offerings.
Zscaler's hiring of government experts strengthens its position in the public sector.

Land your dream remote job 3x faster with AI