Inmar Intelligence
We make businesses smarter to improve consumers' lives.
Product Security Engineer
Location
United States
Posted
29 days ago
Salary
$110.9K - $184.9K / year
Bachelor Degree5 yrs expExperience acceptedEnglishCyber SecurityIo TLinux
Job Description
• Conduct comprehensive security assessments of mobile applications, IoT hardware/firmware, compiled software, and browser extensions
• Perform reverse engineering and vulnerability analysis, and penetration testing to uncover security risks
• Analyze binary file formats (PE, ELF, Mach-O) and runtime behaviors for security flaws
• Review browser extensions and software plugins for security flaws and compliance with best practices
• Perform product data analysis to identify potential vulnerabilities and determine access scope
• Collaborate with cross-functional teams (e.g. - engineering, product, and security) to enhance security measures and improve resilience against cyber threats
• Develop and recommend mitigation strategies and risk profiles for identified vulnerabilities
• Document findings and communicate security recommendations to both technical and non-technical audiences
• Maintain organizational product inventory with security assessment status and secure configuration requirements
• Responsible for the production and maintenance of security documentation, such as bill of material repositories and analytical procedure guides.
Job Requirements
- Bachelors of Science in a related field, such as Computer Science, Electrical Engineering, or Cyber Security
- 5-7 years of relevant experience in software exploitation, reverse engineering, malware analysis, or related field; or any equivalent combination of experience and training that provides the required knowledge, skills, and abilities needed to complete the primary job responsibilities
- Proficient in using debuggers, decompilers, and disassemblers to analyze code for vulnerabilities across various CPU architectures, including ARM and RISC-V
- Strong understanding of binary file formats like PE, ELF, and Mach-O, enabling analysis of applications for security flaws
- Skilled in low-level data extraction and analysis using tools like QEMU and Verilog to identify and verify vulnerabilities through emulation
- Knowledgeable about Linux loaders, binary packing, and embedded systems tools such as BusyBox, binwalk, and u-boot
- Experienced in capturing and analyzing network traffic, including using tools like tcpdump and Scapy to dissect proprietary protocols
- Experienced in BOM enumeration and leveraging tools like CycloneDX for inventory and risk assessment
- Strong analytical and problem-solving skills, with a keen eye for identifying and mitigating security risks
- Excellent communication skills for documenting findings, providing security recommendations, and effectively disclosing vulnerabilities to technical and non-technical audiences.
Benefits
- Medical, Dental, and Vision insurance
- Basic and Supplemental Life Insurance options
- 401(k) retirement plans with company match
- Health Spending Accounts (HSA/FSA)
- Flexible time off and 11 paid holidays
- Family-building benefits, including Maternity, Adoption, and Parental Leave
- Tuition Reimbursement and certification support, reflecting our commitment to lifelong learning
- Wellness and Mental Health counseling services
- Concierge and work/life support resources
- Adoption Assistance Reimbursement
- Perks and discount programs
