The Dell Security & Resiliency organization (SRO) manages the security risk across all aspects of Dell’s business.  We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company.  With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career. 

Join us as a Vulnerability Researcher on our Security Assurance team in the United States to do the best work of your career and make a profound social impact.

What you’ll achieve

As a Vulnerability Researcher, you will discover and exploit vulnerabilities affecting Dell infrastructure, products, and services.  You will collaborate with technology groups to evaluate, select, install, and configure hardware/software systems to comply with established enterprise security standards and policies.  As a Vulnerability Researcher, you will provide technical expertise and advice on all areas of security technology, including network security, platform security, authentication/authorization systems, application security, security architecture, policy enforcement, security frameworks, and how to integrate information security controls into enterprise environments. 

You should possess a deep understanding of attack surfaces in in modern compiled applications and operating systems; and should demonstrate the ability to analyze closed source applications using several off-the-shelf or custom developed tools.  

You will:

• Perform black box security testing activities
• Perform security testing activities including fuzzing, static-analysis, and manual code reviews
• Identify potential flaws in code and provide remediation/mitigation suggestions
• Develop threat models based on customer interviews and supporting documentation
• Develop and maintain tools and techniques for adversarial simulation, vulnerability research, and exploit development

Take the first step towards your dream career

Every Dell Technologies team member brings something unique to the table. Here’s what we are looking for with this role:

Essential Requirements

• 8+ years direct or equivalent experience in areas of penetration testing, exploit development, vulnerability research and fuzzing 
• Experience with any of the following tools: User and kernel-mode debuggers (Windbg/x64dbg/OllyDbg/Immunity Debugger), IDA Pro, Hex-Rays, Visual Studio, Driver Verifier
• Skilled in relevant programming languages (e.g. ASM, C/C++, C#, Java, Python) with the ability to develop custom scripts, exploits, and tools 
• Skilled in using code analysis tools, integrating security testing tools into the quality assurance processes of software releases, developing and applying security system access controls, and designing countermeasures to identified security risks 
• Experience with system and application security threats and vulnerabilities, secure coding techniques, and application security standards, testing methodologies and frameworks 
• Payment Card Industry (PCI) Data Security Standards

Desired Requirements

• Bachelor of Science in Computer Science, Computer Engineering, or Electrical Engineering or a related technical field with 10+ years of Information Security experience; or equivalent professional experience
• Familiar with the Metasploit framework
• Published or presented security research or security advisories 
• Relevant Cybersecurity Certifications (e.g. OSCP, OSCE, OSWP, OSEP, OSWE, OSED, OSEE, GPEN, GWAPT, GXPN, CISSP) 
• Cryptography and cryptographic key management concepts