We are seeking a highly skilled and experienced Senior Engineer to lead our Fuzz Testing efforts. The ideal candidate should have extensive experience in fuzz testing, with a deep understanding of tools like libfuzzer, onefuzz, clusterfuzz and expertise in developing effective fuzzing strategies. Additionally, experience in penetration testing and leading teams is highly desirable.
Key Responsibilities:
Fuzz Testing Strategy and Implementation:
Develop and implement comprehensive fuzz testing strategies.
Design and implement custom fuzzers and harnesses using industry-standard tools and frameworks, such as AFL, LibFuzzer, and Honggfuzz, to efficiently uncover vulnerabilities and bugs in software components.
Build and maintain comprehensive test corpora for various data formats, including JPEG, PDF, video, TrueType fonts, and others, to enhance the effectiveness of fuzz testing efforts.
Continuously optimize harnesses and fuzz testing configurations to maximize code coverage, test case generation, and overall efficiency of the fuzzing process.
Document fuzz testing processes, strategies, and findings, and contribute to the development of security guidelines, standards, and best practices within the organization.
Analyse fuzz testing results, identify potential security vulnerabilities, crashes, and other software defects, and prioritize them based on severity and risk.
Collaborate with development teams to address issues and ensure software security.
Stay up-to-date with security trends, vulnerabilities, and exploitation techniques.
Team Leadership and Mentoring:
Lead and mentor fuzz testing and penetration testing teams.
Foster a collaborative and inclusive team environment, promoting knowledge sharing.
Provide technical guidance, best practices, and training.
Ensure adherence to industry standards, security protocols, and policies.
Qualifications:
8+ years of experience in Cyber Security with expertise in Fuzz Testing using Libfuzzer and Penetration Testing.
Proven track record in developing and implementing effective fuzzing strategies.
Solid understanding of software security principles, vulnerability analysis, and exploitation techniques.
Strong problem-solving, analytical, and critical thinking skills.
Hands-on experience in software development, preferably C/C++.
Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field.
Excellent communication and collaboration skills, ability to work in cross-functional teams.
Certifications like CISSP, OSCP, GPEN, etc. (preferred).
Knowledge of cloud platforms like AWS, Azure, or GCP.
DevOps knowledge in implementing CI/CD pipelines (preferred).
Experience in binary reversing and using debugger tools.
--
You must verify your mobile number to apply to this job.