Horizon3.ai is looking to solve common security problems such as ineffective security tools, false positives, alert fatigue, blind spots, and the cybersecurity skills shortage by enabling organizations to proactively find, fix, and verify exploitable attack vectors before criminals exploit them.
Requirements
- Proficiency in Python: Proficiency in large-scale Python software development.
- Software Engineering: Strong understanding of secure software development practices, including experience with version control systems like Git and effective team workflows.
- Reverse Engineering: Experience reversing Java applications, C, .NET, and native application binaries and experience in reverse engineering technologies like IDA or Ghidra.
- Vulnerability Exploitation: In-depth knowledge of common Remote Code Execution (RCE) techniques such as SQL injection, path traversal, and buffer overflow exploits.
- Network Protocols: Strong understanding of network protocols and their intricacies, including their role in exploitation vectors.
- Database Experience: Experience with relational (Postgres) or graph (Neo4j) database systems.
- Experience with additional programming languages, including C, C++, Rust, or Assembly.
Responsibilities
- developing and maintaining core parts of NodeZero’s autonomous penetration testing platform
- leveraging the latest InfoSec news to swiftly weaponize newly discovered public vulnerabilities
- Acquire and configure vulnerable test systems to replicate and validate attack scenarios.
- Reverse engineer application binaries and patches to identify vulnerabilities.
- Develop and validate proof-of-concept exploits for identified vulnerabilities and ensure their integration into the core product.
- Design and implement foundational technology improvements to enable rapid development of exploitation modules.
- Collaborate closely with engineering teams to enhance product capabilities and develop new features.
Other
- Problem-Solving: Strong analytical skills with an aptitude for solving complex technical problems.
- Self-Motivation: The ability to work independently with minimal supervision, demonstrating initiative and a high level of energy.
- Collaboration: Work closely with the NodeZero team, N-Day researchers, and adjacent teams to weaponize reverse-engineered exploits for product integration and rapidly develop new cross-functional features.
- Communication: Strong technical writing and documentation skills, with the ability to convey findings and methodologies to both technical and non-technical stakeholders.
- Technical Design: Proficiency in designing, presenting, and evaluating technical solutions, ensuring high-quality software and secure development practices.
