What are the responsibilities and job description for the Vulnerability Researcher position at Cisco?
Meet The Team
Cisco Talos Vulnerability Discovery and Research Team, a dynamic group dedicated to enhancing the security of Cisco customers and the global community. Our team excels in identifying and analyzing security vulnerabilities across third-party products. We are passionate about discovering and helping to mitigate vulnerabilities in products and services that impact the lives of many people. Our experts conduct in-depth research into vulnerabilities and exploitation trends to help us accurately assess risk. Collaboration is at the heart of what we do, as we work closely with internal teams and industry partners to share valuable insights and improve security practices industry-wide. We practice coordinated disclosure, notifying affected parties ahead of publication. Our team thrives on strong analytical skills, a proactive mindset, and a commitment to fostering a secure digital environment.
Your Impact
If you enjoy vulnerability research, crash analysis, reverse engineering, and researching new techniques and writing tools to automate these tasks, this job is for you. This Senior Researcher position with Cisco Talos Vulnerability Discovery and Research Team is available to remote workers based in the United States.
Security research including development of tools for vulnerability discovery, analysis, and mitigation. Development of fuzzers and static analysis tools to identify new vulnerabilities in software. Development of static and run-time analysis tools to figure out root cause and input conditions related to a vulnerability. Vulnerability triage and proof of concept exploit development to support the creation of detection content. Additional responsibilities include helping users and other analysts with setup, installation, and usage of the vulnerability research tools and demonstrating leadership in the security community through publishing open-source tools, papers, presentations, and blog posts
#WeAreCisco where every individual brings their unique skills and perspectives together to pursue our purpose of powering an inclusive future for all.
Our passion is connection-we celebrate our employees' diverse set of backgrounds and focus on unlocking potential. Cisconians often experience one company, many careers where learning and development are encouraged and supported at every stage. Our technology, tools, and culture pioneered hybrid work trends, allowing all to not only give their best, but be their best.
We understand our outstanding opportunity to bring communities together and at the heart of that is our people. One-third of Cisconians collaborate in our 30 employee resource organizations, called Inclusive Communities, to connect, foster belonging, learn to be informed allies, and make a difference. Dedicated paid time off to volunteer-80 hours each year-allows us to give back to causes we are passionate about, and nearly 86% do!
Our purpose, driven by our people, is what makes us the worldwide leader in technology that powers the internet. Helping our customers reimagine their applications, secure their enterprise, transform their infrastructure, and meet their sustainability goals is what we do best. We ensure that every step we take is a step towards a more inclusive future for all. Take your next step and be you, with us!
Cisco Talos Vulnerability Discovery and Research Team, a dynamic group dedicated to enhancing the security of Cisco customers and the global community. Our team excels in identifying and analyzing security vulnerabilities across third-party products. We are passionate about discovering and helping to mitigate vulnerabilities in products and services that impact the lives of many people. Our experts conduct in-depth research into vulnerabilities and exploitation trends to help us accurately assess risk. Collaboration is at the heart of what we do, as we work closely with internal teams and industry partners to share valuable insights and improve security practices industry-wide. We practice coordinated disclosure, notifying affected parties ahead of publication. Our team thrives on strong analytical skills, a proactive mindset, and a commitment to fostering a secure digital environment.
Your Impact
If you enjoy vulnerability research, crash analysis, reverse engineering, and researching new techniques and writing tools to automate these tasks, this job is for you. This Senior Researcher position with Cisco Talos Vulnerability Discovery and Research Team is available to remote workers based in the United States.
Security research including development of tools for vulnerability discovery, analysis, and mitigation. Development of fuzzers and static analysis tools to identify new vulnerabilities in software. Development of static and run-time analysis tools to figure out root cause and input conditions related to a vulnerability. Vulnerability triage and proof of concept exploit development to support the creation of detection content. Additional responsibilities include helping users and other analysts with setup, installation, and usage of the vulnerability research tools and demonstrating leadership in the security community through publishing open-source tools, papers, presentations, and blog posts
- Perform security analysis to discover new vulnerabilities in software and/or embedded systems.
- Create tools for the discovery and triage of vulnerabilities.
- Write detailed technical advisories on new vulnerabilities.
- Develop proof of concept exploits for testing IPS and IDS effectiveness.
- Perform patch analysis to find and trigger vulnerabilities.
- Reverse engineer binary applications, protocols, and formats.
- Analyze zero-day vulnerabilities and emerging security threats and technologies.
- Demonstrate leadership within the security community.
- Bachelor’s degree or equivalent in Computer Science, Electrical Engineering, Cyber Security, or other tech-related degree
- 3 years of experience in vulnerability research or a closely related area, e.g. exploit, fuzzing or mitigation development
- 3 years’ experience with C/C , and a scripting language (e.g., Python), and assembly (e.g., x86/x64, ARM, etc.)
- Experience with binary auditing and reverse engineering, and with related tools such as IDA Pro, Binary Ninja, Ghidra, etc. and with plugin development.
- Experience with common vulnerabilities and methods of exploitation, such as memory corruption, web application exploitation, file format vulnerabilities, protocol-based weaknesses, etc.
- Published technical contributions to the security community (e.g. CVEs, security advisories, blog posts (0-day/n-day analysis), open source contributions, academic publications, etc.)
- Candidates with experience in vulnerability research in industrial control systems are encouraged to apply
- Knowledge of common file format and network protocol structures.
- Ability to work independently with minimum supervision and to tackle additional tasks as the need arises.
#WeAreCisco where every individual brings their unique skills and perspectives together to pursue our purpose of powering an inclusive future for all.
Our passion is connection-we celebrate our employees' diverse set of backgrounds and focus on unlocking potential. Cisconians often experience one company, many careers where learning and development are encouraged and supported at every stage. Our technology, tools, and culture pioneered hybrid work trends, allowing all to not only give their best, but be their best.
We understand our outstanding opportunity to bring communities together and at the heart of that is our people. One-third of Cisconians collaborate in our 30 employee resource organizations, called Inclusive Communities, to connect, foster belonging, learn to be informed allies, and make a difference. Dedicated paid time off to volunteer-80 hours each year-allows us to give back to causes we are passionate about, and nearly 86% do!
Our purpose, driven by our people, is what makes us the worldwide leader in technology that powers the internet. Helping our customers reimagine their applications, secure their enterprise, transform their infrastructure, and meet their sustainability goals is what we do best. We ensure that every step we take is a step towards a more inclusive future for all. Take your next step and be you, with us!
Salary : $140,000 - $197,700
