Security Software Engineer

3 days left

Location
Cheltenham, Gloucestershire
Salary
Competitive salary + benefits
Posted
27 Jul 2017
Closes
24 Aug 2017
Contract Type
Permanent
Hours
Full Time

How would you like to be on the front lines of Microsoft’s battle with 0-day security vulnerabilities, hackers, and active cyber-attacks?

Do you like getting your hands dirty digging into vulnerabilities to learn what makes them tick and how they might be used maliciously?   Do you also enjoy the thought of competing with security researchers around the world searching for never before seen vulnerabilities?  

Microsoft’s MSRC Vulnerabilities & Mitigations group, is looking for a Security Software Engineer to help out on a highly technical team whose mission is to protect 440 million people from software vulnerabilities.

Use your knowledge and passion to improve the security of all Microsoft products by playing a critical role in the security updates that ship on the second Tuesday of every month. Work in a team of avid security professionals reading source code, looking at assembly, and developing software to protect Microsoft customers from current and emerging security threats from around the world.

 

Key Accountabilities

Investigate and document vulnerabilities reported to Microsoft in various products, look for more vulnerabilities in those products, and ensure security patches fix the vulnerabilities properly. Research into new techniques to protect customers, find before the outside world security vulnerabilities or mitigation bypasses and develop new vulnerability mitigations.

 

Key Success Criteria

Security patches are released without issues, no similar vulnerabilities are found in the released patch.   Through research Microsoft products become even more secure.

 

Knowledge, Skills and Experience

Essential Experience

Experience finding vulnerabilities, assessing severity and exploitation potential of vulnerabilities

 

Technical/Functional Skills

- In-depth knowledge of debugging and reverse engineering Linux/Unix and Windows unmanaged code

- In-depth knowledge of Linux/Unix security model

- Able to demonstrate how security vulnerabilities work: E.g. Use after free, heap corruption, type confusion, etc.

- An understanding the Web Applications security – cryptography security issues, design flaws, and internet browser technologies.

- Web Applications penetration testing and vulnerability analysis – manual and automated

- Able to find security vulnerabilities via penetration testing, code review, reverse engineering or using tools

- Development skills in C or C++

- The capability to develop vulnerability detection tools such as scanners, static analyzers and vulnerability mitigations

 

Desirable areas of expertise:

- Open Source Software development

- An understanding of exploitation techniques

- Development skills in Python

 

Personal Attributes/Interpersonal Skills

- Ability to collaborate with and influence other people to reach the desired outcome

- Passion for trustworthy computing and software security

- Desire to stay up to date on the security landscape

 

Qualifications

- Relevant computer science degree highly desirable

 

Microsoft is an equal opportunity employer and supports workforce diversity

Apply for Security Software Engineer

Already uploaded your CV? Sign in to apply instantly

Apply

Upload from your computer

Or import from cloud storage

Your CV must be a .doc, .pdf, .docx, .rtf, and no bigger than 1MB


4000 characters left


By applying for a job listed on Fish4.co.uk you agree to our terms and conditions and privacy policy. You should never be required to provide bank account details. If you are, please email us.