Hardware Cyber Security Researcher

2 months ago

England, United Kingdom Oracle Full time

Hardware Cyber Security Researcher Location: Reading hybrid (UK) Please note: this role requires someone to work physically in our Hardware Lab in Reading (Thames Valley Park) for 50% of the time Oracle’s Global Product Security (GPS) is looking for a highly skilled security professional to join the Ethical Hacking Team (EHT).


The EHT operates on the whole Oracle portfolio of products to improve security across all engineering groups within the company. As an EHT member, you will be involved in all aspects of product security assessment, from identification to fix. We value individual contribution, and you will be given the freedom to learn and grow. We are passionate about sharing knowledge and we deeply believe that the stronger you grow, the stronger the team becomes.

Responsibilities:

You will be involved in mostly hardware security assessments, using your knowledge to identify and report security issues, as well as guidance to fix them. You will dive deep into hardware implementations, reverse engineer firmware, file formats and protocols in order to reveal subtle security vulnerabilities and implement proof-of-concept exploit attack chains, simulating the steps of real-life attackers.

A successful candidate must have genuine excitement for and interest in security, as well as the desire to share knowledge and help others learn from the high technical and ethical standards you set. Your work will benefit thousands of Oracle engineers worldwide and shape the future of product security within one of the largest software companies in the world.



Requirements:

  • Bachelor of Science degree in Electrical/Electronic/Computer Engineering, Computer Science or related field.
  • 3+ years of experience in vulnerability research / bug hunting; public history of vulnerability discovery (CVEs, blog posts etc.) is highly desirable.
  • Practical experience with hardware attacks (e.g. side channels, fault injection); past experience with hardware attack tools (e.g. ChipWhisperer) is highly desirable.
  • Ability to think like an adversary, identify potentially vulnerable spots in designs and implementations, assess risk and communicate the relevant details to other team members and managers.
  • Knowledge of analogue / digital electronics and ability to understand complex schematic diagrams.
  • Ability to communicate on, monitor, and debug common embedded communications interfaces such as JTAG, SPI, I2C, RS232, USB etc.
  • Ability to build enabling prototypes (e.g. Arduino/Raspberry Pi controlled breadboards).
  • Ability to use common hardware lab tools (e.g. soldering iron, logic analyser, oscilloscope, function generator, power supply etc.).
  • Knowledge of x86 and/or ARM server platform architecture and ability to read and understand x86 and/or ARM assembly.
  • Experience with disassemblers/decompilers (e.g. IDA Pro/HexRays, Ghidra, Radare, objdump, gdb etc.) and firmware reversing tools (e.g. binwalk).
  • Familiarity with memory corruption bugs (stack/heap/integer overflows, format strings).
  • Ability to run firmware on QEMU and knowledge of Linux OS internals.
  • Fluency in either C or C++ and proficiency with one among Python, Go, Java or Bash. Ability to self-teach any language, given appropriate resources to study and practice.
  • Excellent organizational, verbal and written communication skills.
  • Ability to work physically in our Hardware Lab in Reading - Thames Valley Park, for 50% of the time

  • Junior Security Analyst

    4 weeks ago

    England, United Kingdom LT Harper - Cyber Security Recruitment Full time

    Join one of the UK's largest consultancies as a Offensive Security Analyst as you work closely with some of the industry's best Cybersecurity professionals. Gain the opportunity to work in a world class team to develop your Penetration testing skills with a variety of client sectors and projects. What you’ll be doing as a Offensive Security Analyst ...

  • Security Operations Analyst

    2 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time €40,000

    Security Operations Analyst Location: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a  Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities....

  • Security Operations Analyst

    2 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time

    Security Operations Analyst Location: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a  Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities....

  • Security Operations Analyst

    2 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time €40,000

    Security Operations Analyst Location: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a  Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities....

  • Security Operations Analyst

    2 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time

    Security Operations AnalystLocation: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities.This...

  • Security Operations Analyst

    2 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time

    Security Operations Analyst Location: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities....

  • Security Operations Analyst

    2 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time

    Security Operations AnalystLocation: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities.This...

  • Junior Offensive Security Analyst

    4 weeks ago

    England, United Kingdom LT Harper - Cyber Security Recruitment Full time

    Join one of the UK's largest consultancies as a Offensive Security Analyst as you work closely with some of the industry's best Cybersecurity professionals. Gain the opportunity to work in a world class team to develop your Penetration testing skills with a variety of client sectors and projects.What you’ll be doing as a Offensive Security Analyst:Use your...

  • Junior Offensive Security Analyst

    4 weeks ago

    England, United Kingdom LT Harper - Cyber Security Recruitment Full time

    Join one of the UK's largest consultancies as a Offensive Security Analyst as you work closely with some of the industry's best Cybersecurity professionals. Gain the opportunity to work in a world class team to develop your Penetration testing skills with a variety of client sectors and projects.What you’ll be doing as a Offensive Security Analyst:Use your...

  • Cyber Security Expert

    3 weeks ago

    West of England, United Kingdom QinetiQ Full time

    Unlock Your Potential in Cyber SecurityAt QinetiQ, we're committed to delivering world-class scientific and technological knowledge to provide global security and defence services and products. Our Cyber Security community is growing, and we're seeking talented professionals to join our team across the UK.Our Cyber Security JourneyWe've been at the forefront...

  • Cyber Security Expert

    3 weeks ago

    West of England, United Kingdom QinetiQ Full time

    Unlock Your Potential in Cyber SecurityAt QinetiQ, we're committed to delivering world-class scientific and technological knowledge to provide global security and defence services and products. Our Cyber Security community is growing, and we're seeking talented professionals to join our team across the UK.Our Cyber Security JourneyWe've been at the forefront...

  • Cyber Security Expert

    2 weeks ago

    West of England, United Kingdom QinetiQ Full time

    Unlock Your Cyber Security PotentialAt QinetiQ, we're committed to delivering world-class scientific and technological knowledge to provide global security and defence services and products.We're growing our Cyber Security community, and we're looking for talented professionals to join our team across the UK.About Our Cyber Security TeamWe've been working at...

  • Cyber Security Expert

    3 weeks ago

    West of England, United Kingdom QinetiQ Full time

    Unlock Your Potential in Cyber SecurityAt QinetiQ, we're committed to delivering world-class scientific and technological knowledge to provide global security and defence services and products. Our Cyber Security community is growing, and we're seeking talented professionals to join our team across the UK.Our Cyber Security JourneyWe've been at the forefront...

  • Cyber Security Expert

    3 weeks ago

    West of England, United Kingdom QinetiQ Full time

    Unlock Your Potential in Cyber SecurityAt QinetiQ, we're committed to delivering world-class scientific and technological knowledge to provide global security and defence services and products. Our Cyber Security community is growing, and we're seeking talented professionals to join our team across the UK.Our Cyber Security JourneyWe've been at the forefront...

  • Cyber Security Expert

    4 weeks ago

    West of England, United Kingdom QinetiQ Full time

    Unlock Your Potential in Cyber SecurityAt QinetiQ, we're committed to delivering world-class scientific and technological knowledge to provide global security and defence services and products.We're growing our Cyber Security community, and we're looking for talented professionals to join our team across the UK.About Our Cyber Security TeamWe've been working...

  • Cyber Security Expert

    4 weeks ago

    West of England, United Kingdom QinetiQ Full time

    Unlock Your Potential in Cyber SecurityAt QinetiQ, we're committed to delivering world-class scientific and technological knowledge to provide global security and defence services and products.We're growing our Cyber Security community, and we're looking for talented professionals to join our team across the UK.About Our Cyber Security TeamWe've been working...

  • Cyber Security Expert

    1 week ago

    West of England, United Kingdom QinetiQ Full time

    QinetiQ: A Leader in Cyber SecurityAt QinetiQ, we offer a unique opportunity for talented Cyber professionals to join our growing community. With a rich heritage in defence research and a strong focus on cyber security, we provide a world-class environment for experts to apply their knowledge and experience.Mid-Career OpportunitiesAs a mid-career...

  • Senior External Attack Surface Management Analyst

    1 week ago

    England, United Kingdom Iceberg Cyber Security Full time

    Job Title: Senior External Attack Surface Management Analyst Location: Preston or Frimley (Hybrid and flexible working options available) Salary: Up to £60,000 (based on experience) Are you passionate about cybersecurity and ready for a new challenge? My client is seeking a Senior External Attack Surface Management Analyst to join their team, helping...

  • Security Operations Manager

    2 weeks ago

    England, United Kingdom LT Harper - Cyber Security Recruitment Full time

    L3 SOC CONSULTANT - London or Cheltenham (Hybrid). £80KRole requires eligibility for SC clearance.Currently working with a Cyber organisation who provides expert and technical consulting services across public and private sector clients. This is a “Senior consultant” position, based in London or Cheltenham. If you want to work amongst the strongest...

  • Security Operations Manager

    3 days ago

    England, United Kingdom LT Harper - Cyber Security Recruitment Full time

    L3 SOC CONSULTANT - London or Cheltenham (Hybrid). £80KRole requires eligibility for SC clearance.Currently working with a Cyber organisation who provides expert and technical consulting services across public and private sector clients. This is a “Senior consultant” position, based in London or Cheltenham. If you want to work amongst the strongest...