Web Security Researcher

We are looking to fill the position of a security researcher in our Web team. A person in this role will conduct server-side vulnerability research on Web Applications.

Responsibilities:

• Help develop and carry out the Web team research strategy by conducting vulnerability research and exploit development on Web Applications.
• Provide unbiased insights and ideas to the web research team.
• Develop proof-of-concept code and exploits.
• Remain on top of various developments related to Web Technologies such as security mitigations, new features, exploitation techniques, etc.

Requirements:

• Track record of finding impactful server-side vulnerabilities (e.g. Auth Bypass, RCE, User to Admin PE) in Web Applications.
• An understanding of web protocols and web architectures.
• Ability to manually detect and exploit common web vulnerabilities.
• Ability to conduct long-term and widely scoped security research projects as part of a broader team effort.
• Stay up to date with emerging trends of web app security and research methods.
• Exploitation experience is a plus, but not required.

What we offer:

• Finance: Highly competitive compensation package with an additional monetary bonus system based on exploitable vulnerability findings.
• Career Development: Further your career by joining a team of established and experienced security researchers.
• Work Environment: Fully remote with flexible work schedule.
• Off-topic Research: We allow researchers, at their discretion, to spend up to 15% of their time conducting research on other topics.
• Wellness: We offer a prime wellness program designed to promote a healthy lifestyle, which includes, but not limited to access to gyms around the world, health coaching, and more.

For more information, please review our Recruitment Policy at https://dfsec.com/recruitment-policy-en