Sr. Vulnerability Researcher ( Jr and Sr. Level)
Newark, California, United States
Applications have closed
Lucid Motors
With extraordinary design, performance, range, convenience, and utility, Lucid Gravity is the future of sustainable mobility, reimagining the luxury electric SUV.
Leading the future in luxury electric and mobility
At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.
We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.
Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.We are seeking an experienced Senior Vulnerability Researcher to join our team and take a leading role in advancing our organization's security posture. In this position, you will apply your extensive expertise in vulnerability research, exploit development, and security analysis to identify and address software vulnerabilities.
Your responsibilities will include leading advanced vulnerability research efforts, developing complex proof-of-concept exploits, and providing mentorship to junior team members. Additionally, you will play a crucial role in automating tasks related to reverse engineering and vulnerability research. To excel in this role, you should have a strong background in disassemblers, fuzzing techniques, ARM assembly languages, symbolic execution, and debugging tools. Proficiency in using Qemu and a proven ability to analyze crash reports are also essential qualifications.
If you have a passion for cybersecurity and want to make a significant impact in enhancing security measures, we encourage you to apply
*This is an Onsite opportunity at our HQ office in Newark, CA**
Responsibilities:
Required Qualifications:
Preferred Qualifications:
Your responsibilities will include leading advanced vulnerability research efforts, developing complex proof-of-concept exploits, and providing mentorship to junior team members. Additionally, you will play a crucial role in automating tasks related to reverse engineering and vulnerability research. To excel in this role, you should have a strong background in disassemblers, fuzzing techniques, ARM assembly languages, symbolic execution, and debugging tools. Proficiency in using Qemu and a proven ability to analyze crash reports are also essential qualifications.
If you have a passion for cybersecurity and want to make a significant impact in enhancing security measures, we encourage you to apply
*This is an Onsite opportunity at our HQ office in Newark, CA**
Responsibilities:
- Advanced Vulnerability Research: Lead and perform advanced vulnerability research on software systems, utilizing both static and dynamic analysis methods.
- Exploit Development: Develop complex proof-of-concept exploits for identified vulnerabilities to demonstrate their potential impact.
- Documentation and Reporting: Document all research findings, including the identification and exploitation of vulnerabilities. Prepare detailed reports and presentations for team members and customers.
- Sophisticated Exploitation Techniques: Utilize advanced software and hardware exploitation methods to gain access to protected information, systems, or devices.
- Automation Leadership: Drive the development of advanced tools and techniques to automate tasks that traditionally require extensive manual reverse engineering efforts, vulnerability research, and binary fingerprinting.
- Mentorship and Technical Leadership: Provide mentorship, guidance, and technical leadership to junior team members. Be available to unblock any issues they may face during their work.
- Deep Reverse Engineering: Lead in-depth reverse engineering efforts on complex software applications running on Linux, Android, or Real-Time Operating Systems (RTOS).
- Advanced Application Assessment and Debugging: Utilize advanced application assessment and debugging tools, such as Frida, GDB debugger, and others, for in-depth analysis and assessment of software for vulnerabilities.
- Expertise in Emulation or Simulation Engines: Leverage deep expertise in working with emulation or simulation engines like Qemu, Qiling, Qdb, Unicorn, Capstone, etc., for highly advanced analysis and research.
- C or C++ Development: Utilize your advanced C or C++ programming skills to work with embedded software systems.
Required Qualifications:
- Bachelor’s degree in computer science, computer engineer
- 5+ years of related experience
- Extensive experience working with disassemblers such as IDA Pro, Binary Ninja, radare2, or Ghidra.
- Proficiency in advanced fuzzing concepts, including Coverage-guided, Fuzzing Workflow, and Crash Analysis.
- Mastery of fuzzing tools such as LibFuzzer, AFL++, or Honggfuzz.
- In-depth understanding of ARM assembly languages.
- Proficiency in advanced testing techniques such as Symbolic Execution, Concolic Execution, or Differential Fuzzing.
- Comprehensive experience using Qemu.
- Proven expertise in analyzing crash reports for debugging or identifying vulnerabilities.
Preferred Qualifications:
- Master’s degree in computer science, computer engineer
- 3 years related experience.
- Familiarity with tools like Qiling, QBDI, Unicorn, Capstone
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Android Automation C Computer Science Exploit Exploits Ghidra Linux Privacy Reverse engineering Security analysis Vulnerabilities
Region:
North America
Country:
United States
Job stats:
39
7
0
Category:
Research Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs