Vulnerability Researcher Jobs

JOB DESCRIPTION
The Vulnerability Researcher role is responsible for analyzing systems, software, and security strategies to discover previously unknown vulnerabilities to proactively identify and mitigate emerging threats. This is accomplished by performing manual and automated source code review, binary analysis, vulnerability assessments, threat modeling, and security architecture review. This role requires research into the latest threat actors, attack vectors, and the offensive security techniques. Development of custom tooling and automation will be required to supplement manual vulnerability discovery..
RESPONSIBILITIES

• Performs vulnerability assessments using industry best practices on various environments, including web applications, APIs, and cloud infrastructure
• Maintains communication with management regarding development within assigned responsibilities and performs special projects as required
• This list is not all-inclusive, and you are expected to perform other cybersecurity-congruent duties as requested or assigned
• Develops and communicates comprehensive and accurate reports and presentations for client stakeholders including technical staff and executive leadership
• Develops and manages testing methodologies that adhere to common security guidelines and NIST standards
• Exercises thought leadership in the development and execution of security threats and malicious actors
• Conducts an evaluation of cloud security configurations, identifies prevalent vulnerabilities in cloud security controls, and improves and maintains cloud testing standards
• Researches and develops innovative techniques, tools, and methodologies for vulnerability research and red team activities
• Develops leadership-level communications, including management specific metrics, white papers, procedures, thought position papers, etc.
• Provides detailed reports with proof of vulnerabilities, guidance, and advice to support customer teams through vulnerability remediation

QUALIFICATIONS

• Self-motivated with a strong sense of urgency with an adaptive mindset and a demonstrated propensity to learn quickly
• Bachelor's Degree in Computer Science or Management Information related field, or equivalent work experience
• Demonstrated abilities to reverse engineer binaries, enumerate vulnerabilities in compiled software, and provide working exploits (e.g., CVEs, public acknowledgements, or ability to demonstrate on demand)
• Familiarity with scripting/programming of Python, PowerShell, or C# with the ability to create and customize tools
• Extensive experience in offensive cybersecurity roles, such as red teaming, penetration testing (e.g., web, infrastructure, cloud), purple team exercises in cloud and on-prem environments
• Ability to analyze, create, and debug shellcode and other low-level exploits
• 7+ years of work experience in the Cyber Security industry
• Experience developing custom security (either offensive or defensive) software in one or more compiled languages
• Excellent written and verbal communication skills (technical writing, documentation development, process mapping, and visualization)
• Ability to work on multiple, simultaneous initiatives and prioritize workload to meet commitments
• Ability to interact well with co-workers and outside contacts; ability to work collaboratively in a team environment
• Familiarity with automated security analysis and fuzzing tools (e.g., AFL and Peach)
• Must be able to communicate technical concepts to technical and non-technical audiences effectively and communicate well with people in various positions, roles, and levels.
• A solid understanding of computer architecture and organization with respect to binary analysis and exploitation
• Strong analytical and problem-solving skills; ability to examine issues strategically and analytically
• Demonstrated ability to discover vulnerabilities via static analysis and source code review
• A robust understanding of contemporary security theory and application exploitation techniques and attack vectors (including the vulnerability lifecycle and scanning methodologies (SAST, DAST, IAST, RASP))
• Understanding of all phases of adversary emulation operations including reconnaissance, social engineering, exploitation, post-exploitation, covert techniques, lateral movement, and data exfiltration
• A working understanding of key programming languages and frameworks (e.g., Java, Node.js, Python, JSP, etc.), including the ability to pick up new languages quickly, understand the security implications of those languages, and enumerate vulnerabilities in custom-developed software packages that leverage those languages
• Experience developing and managing testing methodologies that adhere to common security guidelines such as OWASP and frameworks such NIST 800 or MITRE ATT&CK

Base Pay Information
The national base pay range is a good-faith estimate of what Delta Dental may pay for new hires. Actual pay may vary based on Delta Dental's assessment of the candidate's knowledge, skills, abilities (KSAs), related experience, education, certifications and ability to meet required minimum job qualifications. Other factors impacting pay include prevailing wages in the work location and internal equity. $133,300 - $260,000
ADDITIONAL INFORMATION
Rewards to make you smile! We don't just want to make our customers happy - we want to give our employees a reason to smile, too. Delta Dental's comprehensive benefits package includes:

• Fertility and diabetes benefits
• Employee discount program: AT&T/Verizon, entertainment, travel, and more!
• Career growth: we love promoting from within
• Low-cost premium medical insurance options
• 100% paid dental and vision insurance
• Generous 401(k) matching and flat contribution
• Social responsibility and volunteer opportunities, including 16 paid volunteer hours annually
• Employee LiveWell program, focusing on overall employee well-being
• Generous paid time off plus 12 holidays and your birthday off!
• Culture of learning: career development and tuition reimbursement

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
#LI-Remote
ABOUT THE TEAM
At Delta Dental, our success is only as strong as the people who execute it! We take enormous pride in being the nation's most recognized and widely-used provider of dental insurance - and we've come this far by living our core values of innovation, excellence, service and trust. Our vision is to motivate and empower every employee so that we're all inspired to take exceptional care of our customers, providers and ourselves. We believe in integrity, accountability, collaboration, and giving every employee equitable opportunity for their voice to be heard and development to be fostered.
If you're excited about the prospect of transforming the future of health care and growing in your career, join our smile revolution!
To see some of the smiling faces behind Delta Dental and to learn more about what our values and culture look like in action, connect with us on social media: Delta Dental Ins. on Facebook and Instagram, #LifeatDDins on Facebook and Instagram, Delta Dental Ins. on Twitter and Delta Dental Ins. on LinkedIn.
We are part of the Delta Dental Plans Association, a network of companies that provides dental coverage to 74 million people in the U.S. Delta Dental of California, Delta Dental of New York, Inc., Delta Dental of Pennsylvania and Delta Dental Insurance Company, together with our affiliate companies, form one of the nation's largest dental benefits delivery systems, covering 33 million enrollees. All of our companies are members, or affiliates of members, of the Delta Dental Plans Association, a network of 39 Delta Dental companies throughout the country.
Delta Dental is an equal opportunity employer. We are committed to building and maintaining a diverse and inclusive workplace for all employees. Applicants will not be discriminated against because of race, color, religion, creed, national origin, ancestry, citizenship status, sex (including pregnancy), sexual orientation, gender or identity expression, age, disability, marital status, medical status, veteran status or any other status protected under federal, state, or local law. In addition to federal law requirements, Delta Dental complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Unfortunately, our Delta Dental Enterprise is unable to hire individuals residing in Alaska, North Dakota, Nebraska, Hawaii, Oklahoma, Vermont, Maine, West Virginia, New Hampshire, Wyoming, Puerto Rico or other US Territories at this time.
Proof of eligibility to work in the United States must be provided if selected for hire.
Delta Dental* has enacted a COVID-19 vaccination policy to protect all employees and the communities we serve due to the ongoing impacts of the COVID-19 pandemic. Accordingly, we require all employees to be fully vaccinated for COVID-19. Are you able to comply with our policy of being fully vaccinated by your start date if an offer is made or have a medical or sincerely held religious exemption for receiving a COVID-19 vaccine? Failure to comply with our policy and submit proof of compliance or receive approval for a valid medical or sincerely held religious belief exemption prior to your start date will nullify any offer of employment extended to you.

• Delta Dental includes: Delta Dental of California, Delta Dental Insurance Company, Delta Dental of Pennsylvania, and Delta Dental of New York