Web Application Vulnerability Researcher (Senior)
Indexed description
InnoEdge believes in fostering a culture where team members are encouraged to overcome challenges, explore new ideas, and work together to succeed. We value individuals who are determined to push beyond the boundaries, and have a thirst for knowledge, continuous learning, and self-improvement.
Collaboration is key to our success. We prioritise open communication, constructive feedback, and a willingness to help others. We are committed to creating a supportive work environment that encourages excellence, innovation, and continuous improvement. We're looking for individuals who share our values and are excited to join us on our cyber mission.
Responsibilities
- Recommend direction for research projects and conceptualize new tools/techniques that will enhance the vulnerability discovery process
- Perform deep research into web applications with complex codebases to understand the attack surface for an attacker to abuse
- Ideate hypothesis as to how an attacker could possibly abuse features in the application and validate if hypothesis holds true
- Develop proof of concept to demonstrate the severity of the discovered vulnerability and propose mitigations
- Develop cutting edge tools to improve and scale up the vulnerability discovery process for web applications.
- Keep abreast of the latest research into web security and vulnerabilities detection techniques
- Level up the local security community through mentorship of aspiring security researcher, publishing blog post and speaking at conferences
- Demonstrated ability to
- Perform attack surface analysis and prioritization of research on a web application
- Independently apply static/dynamic analysis techniques to find low lying bugs in a web application
- Discover and exploit vulnerability in web applications
- Deep understanding of web programming languages (PHP, Java, Python, .Net...), web frameworks, typical web vulnerabilities and how they are commonly exploited.
- Track record of having found vulnerabilities in the last 4 years
- Fluency in assembly language (x86/64)
- Experience in debugging, reverse engineering binary and exploiting memory corruption and logic vulnerabilities
- Track records in these areas:
- Consistency in discovering security-related vulnerabilities and demonstrating their impact
- Performing research on a complex web application by a major vendor (e.g. WordPress), applying attack surface analysis and prioritization, and performing various static and dynamic analysis techniques to find bugs in the different components
- Discovering and exploiting security vulnerabilities in in a complex application by a major vendor (e.g. Exchange, WordPress)
- Training & Development
- Performance Bonus
- Medical Benefits
- Hybrid Work Arrangement
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search