Senior Security Researcher - Vulnerability Assessment Team
- Manila, Philippines
Trustwave is a leading cybersecurity and managed security services provider that helps businesses fight cybercrime, protect data and reduce security risk. Offering a comprehensive portfolio of managed security services, security testing, consulting, technology solutions and cybersecurity education, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.
The Senior Security Researcher is a member of the vulnerability assessment team, in Manila, which focuses on the development of checks that validate the existence of vulnerabilities on remote systems. The development is done on our in-house designed network scanning tools. The vulnerability assessment team focuses on network detection of known vulnerabilities and the finding of new vulnerabilities in software to be responsibly disclosed to the vendors and implemented in our network scanning tools.
The candidate will be a key team member of the vulnerability assessment team who will be responsible for mentoring researchers and train them to maintain the vulnerability scan engine and its feature set.
- Provide technical leadership for a mission-focused and high performing team of Security Researchers
- Participate in workforce planning and drive hiring, coaching and mentoring for the local team
- Lead the day-to-day operation of content/signature creation
- Design a solid framework to detect vulnerabilities locally by authenticating on Windows and Linux/Unix-based platforms
- Maintain the vulnerability scan engine and extend its feature set
- Adhere to policies, procedures, and security practices
- Document actions in tickets to effectively communicate information internally and to customers
- Resolve problems independently and understand the correct escalation procedures
- Ability to work constructively and collaboratively with both technical and non-technical individuals
- Good understanding and software development competence in at least one programming language e.g. Ruby, C/C++, Perl, Python, Java or a related language.
- Advanced knowledge of cyber security, including expert knowledge in one or more of: vulnerability detection/mitigation, malware analysis, reverse engineering, information assurance
- Solid understanding of networking fundamentals, including network hardware, systems, protocols, and network management applications/tools
- Working knowledge of TCP/IP, HTTP, SSL, DNS, FTP, SSH, and other common Internet protocols
- Good written and oral communication skills and the ability to multi-task effectively in a stimulating, multi-disciplinary, cutting edge research and engineering environment
- Strong analytical and problem-solving skills, ability to work both independently and as part of a team
- Very good understanding of common vulnerabilities and exploit techniques
- Experience with IDS/vulnerability signature development
- 5+ years of experience in security research or evidence of relevant research expertise in the form of technical publications, presentations, software, and/or knowledge of applications
- We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.
To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.
Back to top