Senior Security Researcher
Endor LabsFull Time
Senior (5 to 8 years)
Candidates must have at least 5 years of experience in vulnerability research and exploit development, with significant experience using debuggers like OllyDbg, WinDbg, or x64dbg, and disassemblers/decompilers such as IDA Pro or Ghidra. Proficiency in common software vulnerabilities and binary exploitation is required, along with experience building automated fuzzing tools to discover new vulnerabilities. A track record of responsible disclosure with documented CVEs for Microsoft products and services is necessary, and candidates should be comfortable presenting technical research to large audiences. Preferred qualifications include professional English writing skills for blogs and technical reports, deep knowledge of Windows operating system internals including kernel architecture, and familiarity with Windows security features like ASLR, DEP, and Control Flow Guard, as well as evasion techniques.
The Senior Threat Researcher will lead advanced vulnerability research projects to enhance security solutions, conduct in-depth research to identify zero-day vulnerabilities in popular software applications, and develop proof-of-concept exploits to demonstrate their potential impact. They will also mentor and guide junior researchers to foster a culture of continuous learning and innovation, document findings with detailed technical reports, and present research at industry conferences.
Cloud-based cybersecurity and secure gateway services
Zscaler provides cloud-based information security services, focusing on internet, web, and cloud security. Its platform functions as a secure gateway that inspects all internet traffic between users and applications, ensuring that threats are identified and stopped before they can access a client's network. This service is offered through a subscription model, allowing large enterprises and government organizations to select the level of security that meets their needs. Zscaler differentiates itself from competitors by offering a strong partner program that enhances market reach and provides partners with training and resources. The company's goal is to support secure digital transformation for its clients by delivering reliable security solutions.