Job description / Role
You have the experience, expertise and drive to lead. What you're missing is the freedom to create your dream. When you join DarkMatter, you'll find that freedom and build the future of cyber security in the UAE.
As a Principal Vulnerability Security Researcher, you will:
- Lead large security projects
- Analyze complex applications to understand how they work, where they have weaknesses and demonstrate how identified vulnerabilities can be exploited by developing Proof-of-Concepts
- Conduct research on new techniques, security mitigations and identify zero-day vulnerabilities
- Produce security advisories to vendors, write technical blog posts, present at conferences and create white papers
- Deliver security reports by performing security audits
- Mentor and coach colleagues in your area of expertise
- Nurture relationships with clients
- Improve testing methodologies
- Develop security tools
- Be a valued member in a great team of security experts and work in a lab environment
- Enjoy all the cultural, educational and travel opportunities Abu Dhabi offers
To bring your dream to life, you'll need:
- Worked professionally in vulnerability research for 10+ years
- Expert in reverse engineering, vulnerability discovery, triaging, mitigation and exploitation
- Excellent knowledge of system internals including kernel architecture and memory management
- Experienced with fuzzing frameworks, such as: AFL, WinAFL, ClusterFuzz, LibFuzzer and Honggfuzz
- Extensive experience in vulnerability analysis, patch analysis and determining exploitability using tools like: WinDBG, IDA Pro, Radare2, GDB and Binary Ninja
- Substantial knowledge of dynamic tools that detect bugs during project execution: AddressSanitizer, Valgrind, VTrace, pydbg and pykd
- In-depth knowledge of dynamic binary translation and tool development using frameworks such as DynamoRIO, PIN and DynIns
- Expertise in one or more programming languages
- Experience working with secure coding methodology, best practices and their implementation within engineering teams
- Knowledge of one or more assembly languages (x86/64, ARM, etcâ€¦)
- Proven participation in disclosure of vulnerabilities, blog, capture the flag events, conference presentations and bug bounty programs would be an advantage
- Strong foundations in computer architecture, network, web technologies, Operating Systems or embedded systems
- Lead team of 8+ people
- Excellent written and verbal communication skills; including the ability to convey highly technical information to non-technical audiences
- A degree in computer science, computer engineering, electrical engineering or obtained relevant security certifications
Working in Abu Dhabi
Just off the Arab Gulf and right at the edge of your imagination, is a place where geniuses make their cyber security dreams come true.
At DarkMatter, we're turning our biggest ideas into reality in the fastest moving and most dynamic city on the planet. Working here, you'll lead technical innovation in the region while taking advantage of all Abu Dhabi has to offer. From first class healthcare and education, to superior living accommodations and cultural attractions, you'll find your ideal career and more in this global crossroads. The UAE is one of the safest and most secure areas in the world. And with its location between Europe, Africa and Asia, you'll expand your worldview in just a short flight. But you won't have to venture far from the city to experience its diversity. You'll find people of over 50 nationalities working at DarkMatter. Join us and see that while far away from the concrete tech jungle, Abu Dhabi is an oasis where your latest innovations will thrive and grow.
About the Company
DarkMatter is transforming the cyber security landscape. Headquartered in the UAE and operating globally, we're the region's first and only fully integrated digital defence and cyber security consultancy and implementation firm. Our elite team of global experts deliver advanced, next-generation solutions to governments and enterprises across the cyber security spectrum.
We help clients simplify the enormous complexity of today's ever-evolving cyber threats. Our vision is to protect the future by securing its technologies. Innovation and Research are cornerstones to our development and the activities in these areas underpin our entire range of offerings, including Secure Communications, Public Key Infrastructure and Big Data & Analytics products.