Senior Security Researcher

Qualifications

Required Education and Experience  

* Bachelor's degree in engineering, mathematics, statistics, computer science, or related field plus 8 years of experience  OR 

* Master’s degree in relevant coursework plus 6 years of experience  

Required Skills

* Minimum 2 years of experience in at least two programming languages, including a scripting language, and ideally including a functional language. Exposure to a wide range of language types (e.g., scripting, Unix-like, procedural, functional, high-level) is especially helpful.  

Desired Skills 

* Basic understanding of and interest in internet technologies and fundamental protocols such as HTTP, TCP/IP, and DNS  

* Intellectual curiosity: wanting to know how and why things work, and how to improve them  

* Optimism: seeing obstacles as challenges and problems as ways to make things better  

* Flexibility: ability to handle an environment that shifts (sometimes suddenly) between leisurely and fast-paced  

* Humility: knowing that there is always more to know, and being willing to learn from others  

* Systems thinking: being able to identify the key factors in a system and to reason about the system without needing all the low-level details  

* Safety and security thinking: understanding the difference between random and targeted failures, seeing how things can go wrong (or almost go wrong), and figuring out how to protect against these scenarios  

* Adversarial thinking: understanding the system through the eyes of a party who wishes to disable, destroy, exploit, or just plain mess with it, and being able to convert those insights into ways to increase the resilience of the system against such attacks  

* Hands-on experimentation: being unafraid to try ideas and evaluate their effectiveness  

* Problem framing: being able to identify if the question being asked is the right one, and if not, to be able to ask the right questions  

* Interpersonal skills: getting along with coworkers and colleagues, even when (especially when) incentives encourage an adversarial relationship; knowing who and how to influence; being able to act with diplomacy and tact; and displaying active kindness  

* Perspective: understanding and making tradeoffs; picking battles well; using political capital wisely; and seeing beyond the immediate problem to work towards long-term goals  

* Communication: Expressing oneself clearly, independent of medium (e.g., text, slides, oral presentations), and being able to tailor a message in structure, style, and content to the audience receiving it  

* Technical maturity: Being comfortable working with technical information, including design documents, (incomplete) system documentation, source code, and configuration data