Contact:
ronging
Phone:
Email:
QQ/MSN:
31731705
Company website:
http://www.trendmicro.com
Company profile:
Company & Department
Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. With over 25 years of security expertise, we’re recognized as a global leader in IT security and we deliver top-ranked client-server, network, and cloud-based protection that stops new threats faster, detects breaches better, and protects data in physical, virtual, and cloud environments. The job is in Trend Micro's CoreTech APT Research & Development department, which focuses on targeted, persistent, unknown and zero-day based advanced attacks.
Team: Sandcastle Team, APT Group, CoreTech
Job Title: Developer (Sr. or above)
Goals/Mission: Development of Trend’s key sandboxing solution on APT defense
Responsibility:
1. Perform leading-edge malware behavior research and landscape analysis (data mining), as well as reverse competitors' solutions to enhance the Sandcastle engine
2. Ownership of significant areas of the code, covering both new feature/functionality development and maintenance/redesign of existing areas of the engine
3. Continuous focus and contribution in the areas of effectiveness, performance and scalability of the engine
Desired Qualifications:
1. Fast learning, creative and self-motivated
2. Strong C/C++ development skills with experience in Agile programming and rapid prototyping
3. Strong interest in and deep understanding of network and Windows OS internals, especially user/kernel mode hooks and reverse engineering
Team: Script Analyzer Team, APT Group, CoreTech
Job Title: Developer (Sr. or above)
Goals/Mission: Development of Trend’s key anti-exploit solution on APT defense
Responsibility:
1. Perform leading-edge exploit behavior research and landscape analysis (data mining), as well as reverse competitors' solutions to enhance the SAL engine
2. Ownership of significant areas of the code, covering both new feature/functionality development and maintenance/redesign of existing areas of the engine
3. Continuous focus and contribution in the areas of effectiveness, performance and scalability of the engine
Desired Qualifications:
1. Fast learning, creative and self-motivated
2. Strong C/C++ development skills with experience in Agile programming and rapid prototyping
3. Strong interest in and deep understanding of any of the following: browser hooking, browser exploits, exploit kits, computer language compiler theory
Team: Zeroday Discovery Team, APT Group, CoreTech
Job Title: Exploit Researcher/Expert
Goals/Mission: 0-day vulnerability/exploit discovery, analysis and research
Responsibility:
1. Source or fuzz to discover and identify client-side 0-day exploits (e.g., browser, Flash, Java, PDF, Office, system…) and exploit toolkits (e.g., Angler Exploit Kit) in a systematic and automatic way
2. Reverse targeted application vulnerabilities together with the related exploit code to deliver timely, professional analysis reports
3. Research exploit and evasion techniques, summarize the exploit and toolkit landscape, and predict how it will evolve
4. Based on the knowledge gained from the above research, provide advice or solution POCs on new or enhanced exploit detection methods for the exploit engine and sandbox
5. Join and speak at global security conferences about research observations and findings
Desired Qualifications:
1. Fast learning, creative and self-motivated
2. Strong passion for, solid knowledge of and unique techniques in reverse engineering, fuzzing, or exploitation (e.g., shellcode, heap spray, ROP)
3. Deep understanding of the kernel of exploit vectors (e.g., IE/JRE/AVM); being a credited CVE owner, or having experience or industry recognition in vulnerability/exploit analysis and research, is a plus