Offensive Cyber Security Researcher

    • Tel Aviv, Israel

Job Description
Have you heard about Novartis Pharmaceutical?
927 million. That's how many lives our products touched in 2017. And while we're proud of that, in this world of digital and technological transformation, we must also ask ourselves this: how can we continue to improve and extend even more people's lives?
We believe the answers are found when curious, courageous and collaborative people like you are empowered to ask new questions, make bolder decisions and take smarter risks.

We invite you to explore your career opportunities in an innovative organization.

What would be the purpose of the security Research role?

The Security Researcher will be based in Tel Aviv and will be part of a new Think Tank group of security researchers that will challenge Novartis information security defenses, application security and data protection. The Security Researcher will focus on identifying security vulnerabilities in Novartis infrastructure, through vulnerability research, simulating breach scenarios and developing innovative tools and techniques.
The Security Researcher will proactively identify and analyze vulnerabilities as well as related exploits and attack vectors.
The position will be based in Tel Aviv.

Minimum requirements
* BA or BSc in Computer Science or a related field.
Fluency (written and spoken) in English
5+ Years' experience in Security Research, Web-Application & Network Penetration Testing or adjacent fields.
Understand and apply attack and penetration concepts including the attack surface; identification of system software and configuration vulnerabilities and critical information, data and processes that must be protected.
Software development experience/proficiency in multiple languages, mainly C/C++ and other object-oriented platforms. Experience with scripting languages such as Python/Perl/Ruby.
Operating System internals: PE, ELF, kernel, processes, networking, and hypervisors.
Experience with reverse engineering tools (e.g. disassemblers, debuggers, instrumentation frameworks, etc.).
Basic understanding of concepts in vulnerability research: Shell code, ROP, ASLR, exploit types, and heap manipulation.
Must be able to manage new and existing security requirements, help with training personnel, and implement controls.


Back to top