Dell Security Penetration Tester in Cyberjaya, Malaysia
Why Work at Dell?
Endless challenges and rewards. Opportunities on six continents. A team of colleagues fueled by collaboration. All this, and a company deeply committed to integrity and responsibility.
•Discovers and exploits vulnerabilities affecting Dell infrastructure.
•Develops and maintain tools to assist in vulnerability research and exploit development.
•Communicates information security procedures to the business.
•Escalate issues to vendors, security team, and engineering through standard escalation processes.
•Provide technical expertise and advice on all areas of security technology, including: network security, platform security, authentication/authorization systems, application security, security architecture, policy enforcement, and security frameworks.
•Integrates information security controls into an environment to identify risks and reduce impact.
•Work with technology groups to evaluate, select, install, and configure hardware/software systems to comply with established enterprise security standards and policies.
•Participate in or work directly on, additional projects, assignments or initiatives as required.
•5+ years of Information Security experience.
•3+ years direct or equivalent experience in areas of penetration testing, exploit development, vulnerability research and fuzzing.
•In-depth knowledge and experience with Windows Operating Systems Internals (Kernel, Registry, File system, Windows APIs).
•Knowledge of Windows development (C/C++/C#) user mode and kernel mode applications.
•Competency with any of the following tools: User and kernel-mode debuggers (WinDbg, OllyDbg/Immunity Debugger), IDA Pro, Hex-Rays, Visual Studio, Driver Verifier
•Experience performing host, network, and web application penetration tests
•Scripting experience with the ability to develop custom scripts, exploits, and tools
•Experience with common penetration testing tools
•Experience developing detailed penetration testing reports that can speak to multiple audience types
Candidates possessing the following will be given preferential consideration:
•Bachelor of Science in Computer Science, Computer Engineering, or Electrical Engineering or a related technical field or equivalent professional experience.
•Experienced programming using x86/x64 assembly C, C++, and Python (or a comparable scripting language).
•Familiar with the Metasploit framework.
•Source code review for control flow and security flaws.
•Have published security research or security bug.
•Possess excellent communication skills in English, both written and verbal.
•Excellent problem solving skills with the ability to diagnose and troubleshoot technical issues.
•Customer-oriented with a strong interest in customer satisfaction.