Software Security Researcher

Summary

Join Finite State as a Lead Security Researcher and contribute to the Software Testing Pipeline team. You will develop, maintain, and expand security analysis, collaborate with engineering teams, lead projects to enhance software analysis tools, and create innovative solutions for complex problems. Your responsibilities include leading projects to develop proofs of concept and implement new static analysis methods, identifying and prioritizing security risks, developing techniques for software composition analysis, gaining familiarity with the analysis pipeline, making technical decisions, upholding core values, and championing the mission to protect the connected world.

Requirements

• A motivated contributor willing to dive in to solve a wide array of difficult and novel problems
• Proven experience working in security research or software analysis
• Experience in implementing and utilizing static-analysis and dynamic-analysis tools
• Experience with disassemblers and other reverse-engineering tools
• For example: Ghidra, IDA Pro, binwalk, etc
• Understanding of common vulnerability & software weakness classes
• Programming skills in Python, and an affinity for automated testing
• Experience working on small, fast-paced, teams
• Strong communication and collaboration skills

Responsibilities

• Lead projects to develop proofs of concept and implement new static analysis methods for the Finite State Software Testing Pipeline
• Lead efforts to identify & prioritize security risks (CVEs; CWEs; network, device, and configuration issues; key and credential analysis; etc). You will build tools (or leverage existing tools) to identify these risks in binary software
• Develop techniques for software composition analysis focused on binary analysis for both statically and dynamically compiled software
• Gain familiarity with all parts of the analysis pipeline to effectively contribute as needed in all analysis domains
• Be responsible for pragmatic technical decision-making to ensure we're delivering high quality software on a reasonable schedule
• Uphold our core values of transparency, results, accountability, customer dedication, and courage
• Champion our mission to protect our connected world

Preferred Qualifications

• Data science, machine learning, and LLM skills
• Experience working with or analyzing real time operating systems (RTOS)
• Experience with AWS or similar cloud platform environments
• A growth mindset and the ability to mentor and advise engineers across the department

Benefits

• Competitive salary with stock option grant
• Fully covered medical, dental, vision
• Unlimited PTO & outstanding parental leave
• WFH stipend
• Short and long-term disability coverage
• Life insurance