WHO ARE WE?
Searchlight Cyber provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. We are at the forefront of cybersecurity innovation, dedicated to ensuring the safety and security of users across the globe.
Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research.
Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.
ABOUT THE POSITION
As part of our commitment to protecting society from the threats from organized crime, terrorism and national security threats, we are seeking a highly skilled Browser Vulnerability Researcher to join our research and innovation team, focusing on identifying and mitigating vulnerabilities in Mozilla Firefox.
As a Browser Vulnerability Researcher focusing on Firefox, you will play a critical role in identifying, analyzing, and mitigating security vulnerabilities within the browser. You will be responsible for performing deep technical research to discover new vulnerabilities, working closely with developers to implement fixes. You must have demonstrable experience in browser exploitation, finding RCEs and sandbox escapes, along with familiarity with bypassing Windows mitigations.
Key Responsibilities:
- Vulnerability Research & Discovery: Conduct thorough research to discover and analyze new security vulnerabilities within the Firefox browser, including but not limited to memory corruption, sandboxing escapes, privilege escalation, and code execution vulnerabilities.
- Exploit Development: Develop proof-of-concept exploits to demonstrate the impact of discovered vulnerabilities, and collaborate with the development team to create effective patches.
- Security Testing: Utilize advanced tools and techniques for static and dynamic analysis, fuzzing, and manual code reviews to uncover hidden security flaws.
- Documentation: Maintain detailed documentation of research methodologies, findings, and vulnerability reports, ensuring clarity and completeness.
- Continuous Learning: Stay up-to-date with the latest trends, tools, and techniques in the field of browser security and vulnerability research.
Qualifications:
- Educational/Experience: No formal education/experience is required, but you must be able to demonstrate that you have previously found and exploited firefox and are familiar with the techniques, tools and approaches for finding new vulnerabilities.
- Technical Skills:
- Deep understanding of web technologies (HTML, JavaScript, CSS) and browser architectures (e.g. spidermonkey).
- Proficiency in C/C++ and scripting languages such as Python.
- Experience with reverse engineering tools, debuggers, and fuzzing frameworks (e.g., AFL, LibFuzzer).
- Familiarity with common security vulnerabilities (e.g., buffer overflow, type confusions, etc) and exploitation techniques.
- Knowledge of security features such as sandboxing, ASLR, and CFG.
- Soft Skills:
- Strong analytical and problem-solving skills.
- Ability to work independently as well as in a collaborative environment.
- Excellent written and verbal communication skills.
- Attention to detail and a commitment to high-quality research.
WHAT’S IN IT FOR ME?
Job satisfaction; working for a company that is genuinely making people's lives better and helping to reduce the impact of internet based crime. You will have the opportunity to grow your career with the company in a very exciting industry.
On top of a generous salary in line with your experience, you’ll receive a commission scheme, great benefits package and a learning and development plan to help ensure your career always moves in the right direction.
You’ll be challenged with interesting projects that will help you think outside the box and have plenty of opportunities to learn and practice new skills. You’ll be a key member of the team, directly contributing to our customer and supplier relationships and helping business goals. We believe in training & development, having fun and a great work life balance.
Your benefits package will include:
- 25 days holiday plus bank holidays
- Entry into company pension scheme
- Private healthcare from Axa, including dental and vision coverage
- You’ll receive a Perkbox membership, offering a range of high street discounts and other rewards
- We offer both TechScheme and Cycle2Work
- Comprehensive training and support to develop your career, including a training budget
- A range of office perks, including free fresh fruit daily, a bean to cup coffee machine and more
- Regular team building and reward events
INTERVIEW PROCESS
- Screening Call with our Talent Manager
- Face to face interview with line manager and senior management
- We’d love to meet you in person for an interview, but are happy for a video call too!
- Offer and onboarding