This job has expired, please see additional jobs below
Paranoids Penetration Tester
Yahoo!
Sunnyvale, CA, United States
Job Details - this job has expired, please see similar jobs below
Description
A Little About Us
The Yahoo penetration testing team is dedicated to discovering security vulnerabilities in Yahoo's properties, infrastructure and the open source code we depend upon. Our job is to uncover these issues before an adversary does. The security of our business and our users privacy depends on it.
A Lot About You
Our ideal candidate is passionate about security and furthering their knowledge every day. You enjoy diving into complex source code audits to reveal subtle security vulnerabilities, writing new tools such as fuzzers in languages such as C/C++, Python, Ruby, PHP or Java, tearing apart an undocumented file format or network protocol and coming up with novel techniques to solve unique and interesting security problems. We hope you like working at scale as much as we do, because Yahoo has no shortage of it.
Your Day
• Help plan upcoming pentests by threat modeling and identifying attack surface
• Audit open source and Yahoo proprietary code for security vulnerabilities
• Perform web application security audits on internal and external web properties
• Build and contribute to custom internal security tools such as fuzzers
• Write proof-of-concept code for vulnerabilities the team has discovered
• Document findings for developers and other Paranoids team members
What you bring
• 3+ years of direct pentest experience
• Ability to read/write C/C++ and one of (PHP, Java, Python, Ruby, Golang, Perl)
• Knowledge of memory corruption vulnerabilities
• Knowledge of web application security flaws
Nice to Have:
• Some knowledge of fuzzing, reverse engineering and exploit development
• Some knowledge of cryptographic flaws
*This role is based in Sunnyvale, CA