- Good understanding of standard security vulnerabilities and their standard fixes and mitigations
- Ability to identify security issues at different stages of the SDLC – from architecture & design through to implementation
- Experience performing dynamic analysis of software using debugging tools
- Expertise in Java, Kotlin, or a similar high-level language
- PKI and Cryptography
- In-depth knowledge of Java and JVM internals is beneficial
- Reverse engineering experience
- Experience solving Capture-the-Flag challenges is a bonus!
- Develop tools to support vulnerability analysis
- Excellent written and verbal communication skills, including the ability to convey highly technical information to non-technical audiences.
- Build relationships with engineering teams to improve product security
- Using revision control systems
- Perform vulnerability assessments of the Corda platform with limited guidance from the Head of Security Research.
- Conduct security research to identify novel threats and mitigations that may impact the Corda platform.
- You will support the Engineering team by:
- Educating and mentoring the team on relevant attacks, defence, mitigations and tooling
- Contribute to secure software development design guidance that addresses both the security and business needs
- Review source code to support the delivery of software
- Undertake threat modelling sessions and use advanced judgement to contribute to software designs.
- Support research and evaluate the state of the art within the distributed ledger space.
- First and foremost we want you to love what you do. You will be a security evangelist beginning to have recognition as a subject matter expert within R3 and the external community of Corda participants, both current and future.
- You’ll have at least three years of experience in a security role, specifically in application security assessment. We’d love to see evidence of other experience too, you might have been a developer or network operations engineer in a previous life.
- We believe that we work better as a team, and hope you share that belief. You have experience leading small teams and providing mentoring and guidance to junior engineers so they can meet their career aspirations and make meaningful contributions. You’ll be working with a diverse group of people with a variety of skills and backgrounds where your high level of emotional intelligence and influencing techniques can generate enthusiasm for your suggestions and recommendations for improvements.
- You’ll need excellent communication skills, both verbal and written. You’ll be happy presenting to the company at all-hands meetings or explaining the impact of vulnerabilities you identify to a range of stakeholders. Regular collaboration with management and peers mean you contribute to tactical planning and solving complex challenges.