Binary.com

We are seeking a driven and analytical Security Researcher to perform penetration testing on our web applications, identify potential security issues, and assist our developers in patching security bugs. You will also manage our bug bounty programme which includes analysing and validating external security reports. To excel in this role, you must have: ● Experience with web application security and testing, security monitoring, and intrusion detection. ● Experience with fuzzing and finding edge cases in validation. ● Understanding of encryption fundamentals and the OWASP Top 10. ● A good understanding of attacks and mitigations such as timing, injection (e.g. form parameter/SQL), side-channel, DoS, buffer overflows and DNS cache poisoning. ● Able to assess the security impact of bugs and API inconsistencies. ● Familiarity with industry standard tools such as Burp Suit and Metasploit. ● Experience in writing custom code and scripts to investigate security threats. ● A clear understanding of the OSI model, TCP/IP, and other industry-standard network defense concepts ● Knowledge of the latest industry trends and best practices in information security ● Extensive experience in bug bounty programmes such as HackerOne, Bugcrowd, and Cobalt ● OSCP, CEH, Security+, CISSP, or any GIAC certification is an advantage.