Knox Security Researcher, Mountain View
Knox Security Researcher, Mountain View
-
Mountain View 94039, USA -
Posted: less than a week ago
-
Save -
Share
Description
Knox Security Team Member
As part of the Knox Security team, security research engineers identify and solve difficult security challenges involving Samsung's mobile and enterprise laptop products. Team members are typically expert in one or more specialties, and can expect to learn more about other areas from exposure to the rest. Broad areas of work include researching and architecting hardware-based and software security mechanisms, performing vulnerability assessments, analyzing reported exploits and suggesting ways to strengthen security, and developing automated tools for security analysis of code and binaries. This is an R&D position, and research publications in academic conferences and patents are encouraged. Technical Keywords: Secure design and architecture, cryptography, malware, access control, exploitation, vulnerability assessment, reverse engineering, static and dynamic analysis, fuzz testing, emulation, security research, UEFI/BIOS, TPM, ARM TrustZone, hypervisorResponsibilities: Propose client security features at various layers of the stack for Samsung's smartphones and PCs (hardware-based, UEFI/BIOS, ARM TrustZone, hypervisor, Linux/Windows/Android) to achieve enterprise-level PC/smartphone security and work with product management teams to refine proposalsDesign and architect security features using hardware security features, access control, cryptography, and secure protocol design. Provide expert security guidance to global development teams and ensure security requirements are met through the development process Review existing feature designs and propose enhancements to secure them furtherPerform security assessments of various layers of the software stack Use existing tools and develop new tools for automated vulnerability assessment as required Keep up-to-date with latest attacks, analyze exploits from any reported incidents, and provide expert security guidance to global development teams to ensure proper fixes for security issuesResearch and innovate security through academic publications in top security and systems conferences and patents Minimum Qualifications: Undergraduate degree in technical field (e.g., Engineering or Computer Science) or equivalent practical experience Demonstrable experience with computer security issues, as demonstrated by:
Conference papers or talks Academic or industry experience Vulnerability disclosures, such as CVEs Tools developed to analyze computer programs
A sense of humor! Preferred Qualifications: Typically requires 10+ years of related experience in a professional role with a Bachelor's degree; or 8+ years with a Master's degree; or 5+ years with a PhD; or equivalent experience. Experience as a tech lead or a security architect for big projects and previous research experience with computer security are a plus. Professional or practical experience in one or more of the following areas:Ability to securely design and architect features with an understanding of threat and trust models, cryptography, access control, and secure protocol design PC/Windows/Client Security: An overall understanding of the Windows/PC/Client hardware and software stack, with deeper technical knowledge of in one or more of the following areas:
Windows OS, security threats (malware, ransomware, rootkits) and defenses Hardware technologies such as Client VT-x, TXT, and CSME, TPM UEFI/BIOS, secure boot, system management mode, hypervisor-based security using Hyper-V or nested hypervisors
Android/Linux/Firmware Security: A holistic understanding of the Android/Linux/ARM smartphone hardware and software stack, with deeper technical knowledge in of one or more of the following:
Android framework security and internals, SELinux/SEAndroid Linux kernel, drivers, bootloaders, ARM TrustZone, hypervisors
Vulnerability Assessment and Tooling: Knowledge of exploitation techniques, mitigations, and
Buffer overflows, return-oriented programming, heap spraying, ASLR, access control Experience using security assessment techniques such as fuzz testing, reverse engineering, static and dynamic analysis, symbolic execution, emulation Ability to use a programming language of choice to write proof-of-concept exploits, patches, and develop new tools for automated testing
Boundless optimism!
As part of the Knox Security team, security research engineers identify and solve difficult security challenges involving Samsung's mobile and enterprise laptop products. Team members are typically expert in one or more specialties, and can expect to learn more about other areas from exposure to the rest. Broad areas of work include researching and architecting hardware-based and software security mechanisms, performing vulnerability assessments, analyzing reported exploits and suggesting ways to strengthen security, and developing automated tools for security analysis of code and binaries. This is an R&D position, and research publications in academic conferences and patents are encouraged. Technical Keywords: Secure design and architecture, cryptography, malware, access control, exploitation, vulnerability assessment, reverse engineering, static and dynamic analysis, fuzz testing, emulation, security research, UEFI/BIOS, TPM, ARM TrustZone, hypervisorResponsibilities: Propose client security features at various layers of the stack for Samsung's smartphones and PCs (hardware-based, UEFI/BIOS, ARM TrustZone, hypervisor, Linux/Windows/Android) to achieve enterprise-level PC/smartphone security and work with product management teams to refine proposalsDesign and architect security features using hardware security features, access control, cryptography, and secure protocol design. Provide expert security guidance to global development teams and ensure security requirements are met through the development process Review existing feature designs and propose enhancements to secure them furtherPerform security assessments of various layers of the software stack Use existing tools and develop new tools for automated vulnerability assessment as required Keep up-to-date with latest attacks, analyze exploits from any reported incidents, and provide expert security guidance to global development teams to ensure proper fixes for security issuesResearch and innovate security through academic publications in top security and systems conferences and patents Minimum Qualifications: Undergraduate degree in technical field (e.g., Engineering or Computer Science) or equivalent practical experience Demonstrable experience with computer security issues, as demonstrated by:
Conference papers or talks Academic or industry experience Vulnerability disclosures, such as CVEs Tools developed to analyze computer programs
A sense of humor! Preferred Qualifications: Typically requires 10+ years of related experience in a professional role with a Bachelor's degree; or 8+ years with a Master's degree; or 5+ years with a PhD; or equivalent experience. Experience as a tech lead or a security architect for big projects and previous research experience with computer security are a plus. Professional or practical experience in one or more of the following areas:Ability to securely design and architect features with an understanding of threat and trust models, cryptography, access control, and secure protocol design PC/Windows/Client Security: An overall understanding of the Windows/PC/Client hardware and software stack, with deeper technical knowledge of in one or more of the following areas:
Windows OS, security threats (malware, ransomware, rootkits) and defenses Hardware technologies such as Client VT-x, TXT, and CSME, TPM UEFI/BIOS, secure boot, system management mode, hypervisor-based security using Hyper-V or nested hypervisors
Android/Linux/Firmware Security: A holistic understanding of the Android/Linux/ARM smartphone hardware and software stack, with deeper technical knowledge in of one or more of the following:
Android framework security and internals, SELinux/SEAndroid Linux kernel, drivers, bootloaders, ARM TrustZone, hypervisors
Vulnerability Assessment and Tooling: Knowledge of exploitation techniques, mitigations, and
Buffer overflows, return-oriented programming, heap spraying, ASLR, access control Experience using security assessment techniques such as fuzz testing, reverse engineering, static and dynamic analysis, symbolic execution, emulation Ability to use a programming language of choice to write proof-of-concept exploits, patches, and develop new tools for automated testing
Boundless optimism!
Highlights
-
Company nameOmega Solutions Inc -
Job positionKnox Security Researcher
-
Flag -
Block ad
Safety Tips
Be careful if you are offered a job on the spot.
Related searches
More info about this ad
Knox Security Researcher has been posted in the Mountain View Education & Training category on Locanto.
In this category, there are no other ads right now posted in Mountain View.
There are more ads within a 10 mi radius for this category. If you want to view those ads, click here.
