Immunix Adversary/Exploit Developer/Librarian

[crispin () WIREX COM (Crispin Cowan)]

[I understand that VULN-DEV is not a recruiting forum, but this position
is precisely on-topic for the VULN-DEV mailing list:  a vulnerability
developer.  Please post it if you find it appropriate, and I understand
if you don't.  Thanks.]

WireX Research is growing.  Wirex ( http://wirex.com/ ) seeks a Linux
software developer to act as the Adversary by continuously testing the
Immunix security tools ( StackGuard  http://immunix.org/stackguard.html
, SubDomain  http://immunix.org/subdomain.html , and CryptoMark
http://immunix.org/cryptomark.html ) against live exploits as found in
forums like Bugtraq
http://www.securityfocus.com/forums/bugtraq/intro.html . The ideal
candidate will have extensive software vulnerability penetration
experience, applying exploits to vulnerable software to assess
vulnerability. Formal education is not a major consideration; we will
focus on "hack value."

Responsibilities:

   * monitor security forums for new vulnerabilities and exploits
   * test exploits against standard Linux software to verify the
     existence of the vulnerability and the effectiveness of the attack
   * where necessary, fix broken exploits to make them work
   * possibly develop new exploits for vulnerabilities that do not have
     exploits
   * test exploits against Immunized programs to determine the
     effectiveness of Immunix protective measures
   * participate in design of new Immunix survivability tools

Background/Experience:

   * Experience testing exploits is required.  It need not be
     professional experience.
   * Extensive C coding experience is an asset.
   * Perl coding experience is desirable.
   * Experience with intrusion detection systems is desirable.
   * While we are not opposed to formal education, degrees are not a
     requirement.  We will focus on "hack value".
   * Being hip to the underground is acceptable, but ethical behavior
     will be required.

Compensation

WireX is a pre-IPO start-up company.  Staff receive both pay and stock
options, commensurate with experience.

WireX is located in downtown Portland, Oregon, convenient to public
transit and major cultural centers, in the beautiful Pacific Northwest.
Portland offers extensive cultural amenities (gourmet coffee
http://www.coffeepeople.com/ , brew pub ale
http://www.teleport.com/~beer/, and fine local wines
http://www.oregonwine.org/are popular local favorites) as well as
spectacular natural wilderness. Mt. Hood
http://vulcan.wr.usgs.gov/Volcanoes/Hood/framework.htmloffers a 9-month
ski season across three ski resorts (historic Timberline Lodge
http://www.timberlinelodge.com/, Mount Hood Meadows
http://www.skihood.com/, and Ski Bowl http://www.skibowl.com/) and the
Columbia river Gorge
http://www.gorp.com/gorp/resource/US_National_Forest/or_colum.HTMoffers
world-renowned wind-surfing conditions http://www.windguide.com/, all
less than 90 minutes drive from Portland.  Extensive hiking and
back-packing terrain is also nearby, ranging from comfortable day hikes
through rain forests
http://www.gorp.com/gorp/publishers/falcon/hik_orec.htm, to challenging
multi-day expeditions and ice climbing
http://oregonlive.com/outdoors/99/06/ou062201hood.html, high-dessert
terrain, and rock climbing in Smith Rock
http://www.teleport.com/~samc/bend/smith.htmlstate park. In short, the
quality of life in Portland is extraordinary.

Apply

To apply, e-mail your application and resume to crispin () wirex com.  Word
documents will be summarily deleted.  Acceptable formats include ASCII,
HTML, postscript, PDF, and RTF.  Principals only please.

Crispin
-----
Crispin Cowan, CTO, WireX Communications, Inc.    http://wirex.com
Free Hardened Linux Distribution:                 http://immunix.org