RECRUITMENT
In COSEINC, we believe and abide by the following human resource policy:
- We will hire people that will be best suited to carry out the primary responsibilities required of their job competently and enthusiastically.
- We will evaluate all candidates against a standard set of objective and subjective criterion set out for their job.
- We strongly believe in and will practice a performance-based remuneration system.
- We believe and support continuous education and the improvement of relevant skill sets of our people.
- We believe all members of COSEINC have an important role to play, and as such, a stake in the success and failure of the company.
Positions Available
Mobile Security Researcher
Job Description:
- Perform cutting edge vulnerability research on IOS or Android.
- Write detailed technical reports and develop PoC code to demonstrate security issues found.
- Recommend remediation measures to mitigate the vulnerabilities.
- Stay updated on the security landscape, especially in the area of mobile vulnerabilities.
Minimum Requirement:
- Experience with Reverse Engineering , Debugging and Code Analysis on IOS or Android
- Experience with vulnerability research on IOS or Android
- Solid understanding of IOS/Android security model, how they are implemented and how they can be bypassed
- Ability to create POC exploits that demonstrates the severity of security vulnerabilities found
- Strong problem solving and analysis skills
- Good track record in the area of IOS and Android vulnerability research,
demonstrated by the following:
- Issued security advisories
- Relevant work experience
- Presented at renowned conferences
- Wrote blog/articles on relevant topics
Virtualization Security Researcher
Job Description:
- Perform cutting edge vulnerability research on Hypervisor technology.
- Write detailed technical reports and develop PoC code to demonstrate security issues found.
- Recommend remediation measures to mitigate the vulnerabilities.
- Stay updated on the security landscape, especially in the area of hypervisor vulnerabilities.
Minimum Requirement:
- Experience with Binary Analysis and Reverse Engineering
- Experience with researching on VMware Hypervisors
- Ability to create POC exploits that demonstrates the severity of security vulnerabilities found
- Good record of performing hypervisor related vulnerability research, demonstrated by the following:
- Wrote blog/articles on relevant topics
- Training classes
- Presented at renowned conferences
- Publicly disclosed CVEs
- Relevant work experience
- Substantial code contributions to open-source hypervisors
Web Browser Security Researcher
Job Description:
- Perform cutting edge vulnerability research on web browsers (running on Windows OS).
- Identify and audit browsers for bugs that may lead to RCE and bypassing/mitigation of security mechanisms
- Write detailed technical reports and develop PoC code to demonstrate security issues found.
- Recommend remediation measures to mitigate the vulnerabilities.
- Stay updated on new security technologies that may impact web browsers
Minimum Requirement:
- Experiences in auditing browsers running on Windows for bugs that may lead to remote code execution (RCE)
- Good understanding of different browser security mechanisms, such as sandboxes, and preferably experiences in auditing these mechanisms to bypass/mitigate them
- Ability to create POC exploits that demonstrates the severity of security vulnerabilities found
- Good track record, demonstrated through one or more of the followings:
- Issued security advisories
- Relevant work experience
- Presented at renowned conferences
- Wrote blog/articles on relevant topics
Linux Security Researcher
Job Description:
- Perform source code auditing to identify bugs within Linux kernel or open-source applications that may bypass existing security mitigations, thereafter leading to code
- execution.
- Write detailed technical reports and develop PoC code to demonstrate security issues found.
- Recommend remediation measures to mitigate the vulnerabilities.
- Stay updated on the Linux security landscape
Minimum Requirement:
- Experiences in auditing source code for Linux Kernel and open-source applications (and services) for bugs that may lead to code execution
- Good understanding of kernel and userspace exploitation, preferable with experiences in developing proof-of-concepts to demonstrate the severity of bugs found
- Good track record, demonstrated through one or more of the followings:
- Issued security advisories
- Relevant work experience
- Presented at renowned conferences
- Wrote blog/articles on relevant topics
R&D (Web) Engineer
Job Description:
- Perform full SDLC on web applications.
- Write functional and design specifications for Web applications
- Design and deliver Web services
- Create, implement and support Web applications
- Perform unit, functional, integration and migration testing on Web applications
Minimum Requirement:
- Strong in Python, Danjo, Ruby on rails, PHP
- Strong in HTML, CSS, XML
- Strong in JavaScript, Microsoft JScript and JQuery
- Be proficient in J2EE or ASP .net
- Strong in general database concepts, with experience in mysql
- Strong in applying MVC framework to web development
- Strong data visualization skill
- Be proficient in the architecture of clients, servers, and Internet systems
- Configuration and deployment of Web applications
- Experienced in Web applications' security principles
- Applicable for Singaporean and PR only
R&D (Application) Engineer
Job Description:
- Perform full SDLC on client/server applications.
- Write functional and design specifications for client/server applications
- Design and deliver client/server services
- Create, implement and support client/server applications
- Perform unit, functional, integration and migration testing on client/server applications.
Minimum Requirement:
- Strong in C, C++, Java.
- Strong in Windows API Programming, STL, MFC, WTL and WPF.
- Strong in Swing, SWT and JavaFx.
- Be proficient in network programming.
- Knowledge of Windows driver programming will be an advantage.
- Experienced in secure application development principles.
- Applicable for Singaporean and PR only.
Security Researcher
Job Description:
The vulnerability researcher will perform as a hands-on specialist in the identification, discovery, evaluation and in-depth analysis of malware and vulnerabilities in current and future systems.
Primary Responsibilities:
- Research and Analysis of Computer Security Vulnerabilities
- Risk Assessment and Analysis of Computer Security Malware and Exploits
- Recommend and Implement Computer Security Solutions
Minimum Requirements:
- Experience with or substantial knowledge of Reverse Engineering, current Internet Security Issues (e.g. exploits, trojans, malware, security patches), Software Bugs (e.g. buffer overflows).
- Strong background in C/C++ and Assembly (x86)
- Strong knowledge of Windows and/or Linux operating system internals.
- Familiar with major network and system protocols, APIs, services etc.