Experis Singapore

Research Engineer (Vulnerability Analysis)

Experis Singapore| Date Posted: 18-Oct-2020
EA Licence No: 02C3423
Save Job
Job Nature:

Job Description

As a research engineer you will work closely with the SCA engineering team to research and maintain our vulnerability database. You will also help identify new vulnerability data sources and implement processes to improve the quality of our data. As part of this team you will get the opportunity to work on improving the state of security in open-source code. We provide a great engineering culture and give lot of autonomy to individuals to work on interesting problems relevant to our business that can have big impact.

  • Review incoming commits, emails, and bug reports to look for vulnerabilities in open source libraries
  • Triage the newest vulnerabilities released
  • Track library release notes and associated security bulletins Publish high quality vulnerability advisories with exploit information, details about risk, and mitigation/workaround details
  • Develop tools and techniques to identify new vulnerabilities and analyze vulnerable methods
  • Perform risk assessments on vulnerabilities identified, then describe the risk posed to customers
  • Use in-house tooling and/or custom tooling to do low probability, high payoff moonshot style research into the most popular libraries
  • Other activities relating to security research around library vulnerabilities

Required Skills:
  • BS/MS/PhD in Computer Science or related field, or relevant industry experience is required
  • 2-5 years' experience in vulnerability analysis
  • Working knowledge of programming languages such as Java, Python, JavaScript, Ruby, Go, or C/C++
  • Knowledge of package management systems such as Maven, RubyGems or npm
  • Knowledge of software security vulnerability types and common attack methods
  • ownership attitude and a track record of taking responsibility for problems, deadlines, and SLAs

Desired Skills:
  • Familiarity working in an environment that heavily utilizes cloud services and cloud-based infrastructure
  • Experience working as a security researcher,
  • Enjoys working on low probability but huge payoff research problems
  • Familiarity working in an environment with strict security requirements

Arvin Clark Sikat, Sombilla EA License No.: 02C3423 Personnel Registration No.: R1222536

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit https://www.experis.com.sg/privacy-policy
Company Overview
Experis Singapore