Browser Vulnerability Researcher

at  Searchlight Cyber Ltd

WHO ARE WE?

Searchlight Cyber provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. We are at the forefront of cybersecurity innovation, dedicated to ensuring the safety and security of users across the globe.
Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research.
Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.

ABOUT THE POSITION

As part of our commitment to protecting society from the threats from organized crime, terrorism and national security threats, we are seeking a highly skilled Browser Vulnerability Researcher to join our research and innovation team, focusing on identifying and mitigating vulnerabilities in Mozilla Firefox.
As a Browser Vulnerability Researcher focusing on Firefox, you will play a critical role in identifying, analyzing, and mitigating security vulnerabilities within the browser. You will be responsible for performing deep technical research to discover new vulnerabilities, working closely with developers to implement fixes. You must have demonstrable experience in browser exploitation, finding RCEs and sandbox escapes, along with familiarity with bypassing Windows mitigations.

QUALIFICATIONS:

• Educational/Experience: No formal education/experience is required, but you must be able to demonstrate that you have previously found and exploited firefox and are familiar with the techniques, tools and approaches for finding new vulnerabilities.
• Technical Skills:
• Deep understanding of web technologies (HTML, JavaScript, CSS) and browser architectures (e.g. spidermonkey).
• Proficiency in C/C++ and scripting languages such as Python.
• Experience with reverse engineering tools, debuggers, and fuzzing frameworks (e.g., AFL, LibFuzzer).
• Familiarity with common security vulnerabilities (e.g., buffer overflow, type confusions, etc) and exploitation techniques.
• Knowledge of security features such as sandboxing, ASLR, and CFG.
• Soft Skills:
• Strong analytical and problem-solving skills.
• Ability to work independently as well as in a collaborative environment.
• Excellent written and verbal communication skills.
• Attention to detail and a commitment to high-quality research.

• Vulnerability Research & Discovery: Conduct thorough research to discover and analyze new security vulnerabilities within the Firefox browser, including but not limited to memory corruption, sandboxing escapes, privilege escalation, and code execution vulnerabilities.
• Exploit Development: Develop proof-of-concept exploits to demonstrate the impact of discovered vulnerabilities, and collaborate with the development team to create effective patches.
• Security Testing: Utilize advanced tools and techniques for static and dynamic analysis, fuzzing, and manual code reviews to uncover hidden security flaws.
• Documentation: Maintain detailed documentation of research methodologies, findings, and vulnerability reports, ensuring clarity and completeness.
• Continuous Learning: Stay up-to-date with the latest trends, tools, and techniques in the field of browser security and vulnerability research.