Cyber Security Researcher
About Valid Network
Valid Network is the first and only Blockchain Security Platform (BSP) that empowers you to innovate with blockchain, securely. Valid Network BSP is blending Blockchain transactions with traditional enterprise systems and generates full transparency to achieve trust. The BSP technology stack is a mix of advanced algorithms from machine learning, data mining and distributed systems that exposes a visual stream of insights for Internal Auditors, Risk, Financial and security officers. Valid Network BSP is designed exclusively for blockchain applications and provides an end-to-end dApps (Decentralized applications) security solution, which is tightly integrated into your organization CI/CD process.
About the role
Valid Network is seeking a Cyber Security Researcher to investigate security issues and work within our software team to prototype systems that interact across the cyber and blockchain domains. Cyber security aspects of the systems involved are of particular interest, so some background in vulnerabilities analysis is beneficial. Work will involve Cyber Situation Analysis and troubleshooting distributed ledger technologies.
- Ability to build strong and actionable relationships in complex situations with multiple stakeholders.
- Familiarity with Enterprise applications and Enterprise Cyber Security.
- Ability to work collaboratively with functional peers across functions including Product, Development and Management.
- Experience as a Cyber Security Researcher.
- Experience in a start-up or entrepreneurial environment is a plus
- Perform in-depth penetration and security assessment testing for different blockchain protocols, smart contracts, and software on a global scale.
- Conduct regular security audits and assessments from both a logical/theoretical standpoint and a technical/hands-on standpoint.
- Understand adversarial tactics, techniques, and procedures and drives counter measures for IT managed systems and Garmin products.
- Educate product teams on security best practices by providing real-world examples and hands on training.
- Develop tools to automate security testing and enable more efficient discovery and resolution of security problems.
- Significant knowledge of security standards, security controls, software technology and software security.
- Speak fluently around cryptography and potential attacks.
- Apply real world security industry threats to company products.
- Ensure that all security requirements are met or exceeded.
- Apply deep knowledge of application attack vectors and mitigation techniques.
- Serve as a mentor and provides guidance to other team members.
- Qualified candidates possess a Bachelor of Science Degree in Computer Science, Information Technology, Management Information Systems, Business or another relevant field AND a minimum of 5 years relevant experience.
- Other requirements include:
- Relevant, deep, hands-on, technical security experience with at least one of: Linux, Windows / AD, Cryptography, Mobile Platforms, Software Security (Source Code Auditing and Binary Reversing)
- Demonstrated proficiency in standard penetration testing frameworks including NIST 800-115
- Well-versed in computer networking protocols and devices, operating system internals, and computer system architecture
- Experience in reversing and debugging of consumer devices using standard digital and analog test equipment is desired.
- Demonstrate strong and effective verbal, written, and interpersonal communication skills in a small team setting.
- Strong track record of understanding and interest in current and emerging technologies demonstrated through training, job experience and / or industry activities
- Must be team-oriented, possess a positive attitude and collaborates well with others to solve problems and actively incorporates input from various sources
- Proven vulnerability analysis skills
- Excellent time management and follow-up skills
- Consistently demonstrates quality and effectiveness in work documentation and organization
- The ideal candidate must be able to convey complex security issues and risks while maintaining a positive relationship with product teams.