Remote Reverse Engineer

Summary

Join our team as a Reverse Engineer and Security Analyst to assess the security of our Windows VPN and desktop client applications, SonicWall mobile client apps for Android and iOS, and identify potential security vulnerabilities.

Requirements

• Bachelor's degree in computer science, Cybersecurity, or a related field
• Proven experience in reverse engineering and security analysis of software applications
• Proficiency in using tools such as IDA Pro, Ghidra, and other relevant reverse engineering tools
• Strong understanding of VPN technologies, cryptographic protocols, and network security principles
• Experience with penetration testing tools and methodologies
• Excellent written and verbal communication skills
• Certifications such as OSCP, OSCE, or similar are a plus

Responsibilities

• Conduct thorough reverse engineering analysis on the Windows desktop VPN and other client application and mobile client apps (Android and iOS)
• Identify and analyze cryptographic algorithms, protocols, and security mechanisms implemented in the applications
• Perform security assessments to identify vulnerabilities, weaknesses, and potential exploits in the VPN and SonicWall client applications
• Utilize various tools and methodologies to conduct static and dynamic analysis of the binary code
• Review source code and binaries for security flaws, coding errors, and potential areas of improvement
• Collaborate with the development team to provide recommendations for secure coding practices
• Conduct penetration testing on the Firewall hardware, virtual appliances, and VPN client applications to simulate real-world attack scenarios
• Document and report findings, including recommended remediation steps
• Stay abreast of the latest cybersecurity threats, vulnerabilities, and attack vectors relevant to VPN technologies
• Prepare comprehensive reports detailing the results of security assessments and penetration tests
• Clearly communicate findings, risks, and recommended mitigations to both technical and non-technical stakeholders
• Works closely with cross-functional teams, including developers, system administrators, and PSIRT engineers, to address and resolve security issues