Would you enjoy helping to protect Microsoft and its customers from attacks related security vulnerabilities and exploitations? Do you like analyzing how different types of exploitation work, down to the assembly level, and then design the innovative ways to defend and detect these attacks? Do you like hunting 0day attacks? If so, the MSRC exploit defense and detection team might be a good fit for you.
We have an immediate opening for a Security Software Engineer with the following duties:
(1) Research reported vulnerabilities/exploits to understand what leads to success exploitation.
(2) Identify factors present in the attack chain that might help defense and detection.
(3) Design/implement automated analytical components and perform in-depth analysis to identify real-world attacks.
Candidates need to have knowledge of Windows architecture or other in-depth knowledge of a product, security-mindedness, and solid debugging and coding skills in C/C++.
Other traits that would make a candidate more attractive include experience triaging crashes for exploitability, experience with understanding assembly and exploits/malware, penetration testing experience, experience with common hacking tools, data analysis.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, gender, sexual orientation, gender identity or expression, religion, national origin, marital status, age, disability, veteran status, genetic information, or any other protected status.
EmoticonEmoticon