Remote (Americas or Europe)
The opportunity:
We are seeking exceptional candidates for our Analysis Engineering team to work on and enhance the analysis engine behind Mayhem, the core of our product responsible for discovering bugs and security vulnerabilities. Currently Mayhem has found vulnerabilities in open source projects, components in aircraft and automotive systems, and well-known embedded devices. This is only the beginning as we are providing Mayhem to bring automation, usability, and scalability to today’s software security problems.
At ForAllSecure you will join a talented, ambitious engineering team that is creating truly novel technologies and products that will impact the way people see themselves and the world. If you are someone who has a passion for writing the future of software security, this is the place for you!
What you will do:
- Work on cutting-edge technology built to find vulnerabilities and shorten the cycle of identifying and fixing software flaws
- Collaborate with teammates both local and remote, through pull requests, in-person conversations, Slack, etc
- Develop new features, fix interesting bugs, write tests, and review your teammates’ code
- Collaborate with support engineers and customers to improve the security and quality of software in their ecosystem
- Build expertise and responsibility for specific components of Mayhem ecosystem
You are someone who:
- Demonstrates a passion for building innovative and easy-to-use tools for finding bugs, improving code quality and security, and enhancing the debugging experience
- Has strong computer science fundamentals demonstrated through a Bachelor’s, Master’s, or PhD degree in computer science or related discipline
- Has experience with systems-level programming in Linux
- Is proficient in Rust, Python, and/or C/C++ development
- Has knowledge of common compiler concepts: types, code generation, register allocation, stack frames, inlining, and control flow graphs
- Has knowledge of binary execution formats, assembly, linkers and loaders
- Has knowledge of operating system concepts (memory management, process lifecycle, I/O, etc.)
- Has a background in vulnerability research or reverse engineering (preferred)
- Has prior experience with technologies in program analysis like fuzzing and symbolic execution (preferred)
- Is familiar with modern exploitation techniques and mitigations/counter-measures (preferred)
- Is experienced with run-time analysis tools (such as Valgrind or LLVM sanitizers) (preferred)
- Has knowledge of OCaml, Haskell or other functional programming languages (preferred)
- Is familiar with containerization technology (Docker/OCI) (preferred)
Who we are:
Our hunger for success drives our actions. We have respect for all, respect that people will have different opinions, and strive to mitigate unconscious bias. We commit to being responsible, transparent, and accountable in our actions to our customers and each other. We have a growth mindset , believe challenges can be opportunities, and ask what we can do 10% better each time.
We believe in a world where autonomous application security allows us to move faster and beat attackers. We do not believe the status quo is working, as companies are developing software much faster than they can manually secure it. We developed an autonomous appsec AI engine called Mayhem, which automatically tests and finds new zero-day exploitable vulnerabilities before attackers. Mayhem was battle tested in and won the DARPA (Defense Advanced Research Project Agency) Cyber Grand Challenge, and exhibited at the US Smithsonian Museum. ForAllSecure is bringing Mayhem to the world as an enterprise sales technology.
ForAllSecure’s customers include Roblox, Cloudflare, Motional, US CyberCommand, where applications range from securing online platforms used by millions to critical mission safety systems. Fortune 1000 companies in aerospace, automotive, and high-tech partner with ForAllSecure for scalable, advanced security testing that keeps pace with increasing development speeds and deployment frequencies. Other awards include the 2021 SINET 16, 2021 Global Infosec Award, and the MIT Technology Review as one of the 50 Smartest Companies. We are backed by NEA and KDI, having just raised our Series B funding.
#J-18808-Ljbffr