Security Researcher

at  Nozomi Networks

Now is an amazing time to join Nozomi Networks as we build the future of OT and IoT Cybersecurity. We have hundreds of customers in more than 30 countries and we’re just scratching the surface.
Nozomi Networks is hiring a Security Researcher to join its expanding team.
In this role, you’ll work at the forefront of OT and IoT security in our Swiss laboratory. You’ll engage in cutting-edge research, including device and network analysis, 0-day vulnerability discovery, and attack detection improvement. This role offers hands-on experience with embedded devices, flexible work hours, relocation support, and opportunities for professional growth, including training, certifications, and conference participation.
You could be the next “Nozomier”! If this sounds like you, read on.

WHO WE ARE AND WHAT WE STAND FOR:

Nozomi Networks is the leader in OT and IoT Cybersecurity. We protect the world’s critical infrastructure, industrial and government organizations from cyber threats by providing exceptional network visibility, threat detection and operational insight. We’re always innovating and we hire the best at what they do to ensure our customers always have access to fast product enhancements, exceptional engineering support and rapid deployment across continents. If you like a challenge, and value integrity and customer success, we invite you to help Nozomi Networks build the future of OT and IoT cybersecurity.
Diversity, Inclusion and Belonging are part of our core beliefs, at Nozomi Networks. Diversity of thought, background and culture broadens our knowledge of the world and helps us learn, grow, and gain new perspectives. What makes us all different is what makes us powerful.

NEED TO KNOW INFORMATION

Successful candidates will be subjected to background verification checks.
Be cautious of unsolicited messages, fake email addresses, requests for money and unclear job descriptions. Report suspicious activity to authorities. Our open job opportunities and descriptions are posted on Nozomi Networks’ career page. If in any doubt please apply for opportunities on our careers website here.
If you would like to know more about our Privacy Policy, please click here. Any questions about how we process personal information, or if you would like help exercising your privacy rights please contact us using the email provided within the Privacy Policy

IN THIS ROLE YOU WILL:

• Embody the Nozomi Networks Cultural Pillars and our mission to protect what matters most with transparency and trust
• You will work in our Swiss laboratory, which replicates real-world environments, providing a valuable resource for conducting security research activities and experiments.
• You will be involved in multiple activities, including:
• Analysis of wireless communications, reverse engineering of undocumented protocols, and development of corresponding dissectors
• Design and development of strategies for wireless device identification and attack detection
• Analysis and reverse engineering of embedded device firmware
• Research of 0-day vulnerabilities and development of exploit Proof of Concepts (PoCs)
• You will also be in charge of:
• Developing and integrating research results into our products in collaboration with Engineering team
• Development of attack scenarios for integration into our laboratory for demonstration purposes
• Proposing new research ideas and selecting future research topics in collaboration with management and the team
• Planning research activities, managing involved people, and focusing on achieving final results and meeting deadlines
• Preparing thorough documentation and reports of research results, and presenting them to management and potentially at conferences

TO BE SUCCESSFUL IN THIS ROLE YOU WILL HAVE:

• Proven experience in one or more of the following activities: security research, bug hunting, reverse engineering, penetration testing
• Expertise in a scripting language like Python, Ruby or Perl
• Experience in intrusion detection systems and network traffic analysis
• Experience analyzing binaries in both Windows and Linux environments
• Experience researching new vulnerabilities in embedded devices (Routers, PLCs, RTUs, HMI, etc.)
• Confidence working in environments with strong confidentiality and data privacy protocols
• Attitude to operate in environments including data covered by non-disclosure agreements and high-level of confidentiality
• OSCP, SANS GPEN/GREM, CISSP or similar certification preferred, but not required
• Experience attending CTFs