Job Posting
May. 1st, 2009 12:12 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
foxgrrlMy company is finally hiring someone else to do all the busybody work I don't have time for. Don't worry about the BS degree; if you can write an exploit, for any vulnerable program I give you, then you're qualified. (Actually, if you've ever touched IDA, and know how to read analyze .pcaps, you're qualified. If I can give you a mystery program, and you can tell me what it does, you're qualified. You must be able to act like a mature responsible adult when interacting with other people.)
I didn't write this:
Job Description for the Security Research Engineer
Duties and responsibilities:
The main responsibilities for this position include: (1) keeping track of vulnerability disclosure and malware (with focus on botnet, spyware, and other Trojans that engage in network-based activities) development, (2) performing false positive checking for detection signatures, and (3) conducting detailed analysis of malware behaviors, through code reverse engineering and live behavior studies.
Qualifications
Professional experience:
The candidate should have at least two years of experience in the security field, especially with skills in malicious code analysis. Good knowledge in security vulnerability, exploitation, and Windows OS internals are expected. Solid programming skills are required. Working knowledge of TCP/IP stack and familiarity with network traffic tools are also required. Examples of relevant industries include AV, IDS/IPS/IDP, Web and Message security.
Personality:
Must be hardworking, a self-starter, and effective in a small-team environment.
Formal education:
BS degree in CS/EE or equivalent experience.
Update: You can email me at juliavixen $40 gmail.com If you don't understand that email address stop now. If it was up to me, I'd have everyone send me their stuff in flat in 7-bit ASCII, but since I'm just handing this stuff off the the appropriate manager, all those newfangled dynamic-content enabled document formats are ok. I'll be checking the .DOCs and .PDFs for exploits, if I find any 0-days you get the job. My GPG Public Key if you need it. The job is right on the border of San Jose and Milpitas in Ciscoville.
I didn't write this:
Job Description for the Security Research Engineer
Duties and responsibilities:
The main responsibilities for this position include: (1) keeping track of vulnerability disclosure and malware (with focus on botnet, spyware, and other Trojans that engage in network-based activities) development, (2) performing false positive checking for detection signatures, and (3) conducting detailed analysis of malware behaviors, through code reverse engineering and live behavior studies.
Qualifications
Professional experience:
The candidate should have at least two years of experience in the security field, especially with skills in malicious code analysis. Good knowledge in security vulnerability, exploitation, and Windows OS internals are expected. Solid programming skills are required. Working knowledge of TCP/IP stack and familiarity with network traffic tools are also required. Examples of relevant industries include AV, IDS/IPS/IDP, Web and Message security.
Personality:
Must be hardworking, a self-starter, and effective in a small-team environment.
Formal education:
BS degree in CS/EE or equivalent experience.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2009-05-01 09:43 pm (UTC)you know how much it bugs me when a security guy says, "I can't tell it's not in my gui"
I want to scream "You're in security!!!, you should be able to hack your way into any computer on our and most networks"
Instead we get people from auditing companies that say, I need screenshots of the passwd file because the auditors don't want something that can be changed"
So I photoshopped the image do that our machine was full of disney characters.
You may be under a lot of stress, but I was really impressed when you took over the botnet, that was really cool!!
I hope you get a good co-worker out of this mess!!!
and not someone who thinks SSH is the sound the enterprise doors make when they open.