Claroty-Vulnerability Researcher

  • Claroty
  • Tel Aviv, Israel
  • Full-time
About The Position

Claroty is the world’s leading industrial cybersecurity company. Leveraging broad expertise in the Operational Technologies (OT) that run the world’s critical infrastructure, the Claroty Platform provides visibility across a rapidly growing and opaque attack surface. Its Deep Packet Inspection (DPI) technology, crafted to the unique and often proprietary OT communication protocols, delivers award-winning vulnerability and threat monitoring, enabling our customers to preserve reliability and trust in the face of mounting operational risk. 

Founded in 2014 as the second portfolio company of Team8, Claroty is headquartered in New York City with offices in Tel Aviv. It is backed by the world’s leading cybersecurity and technology investors, including Bessemer Venture Partners and Temasek Holdings.

We are looking for talented, passionate, and experienced Vulnerability Researcher to join our Research team.

Vulnerability researchers at Claroty analyze systems to understand how they work and how they behave when they break. Candidates must be able to play both sides of the fence, both developing and defeating new and advanced security techniques. A typical day may involve understanding how system works, studying disassembly, writing python to audit a piece of C/C++ code, and analyse network traffic.

Requirements:
  • Experience performing static/dynamic/symbolic program analysis
  • Vulnerability research and analysis including reverse engineering and exploit development
  • Penetration testing or system hacking
  • Proficiency in one or more programming languages: C/C++, Python, etc.
  • Operating system internals including memory/process/thread management
  • Understanding of OS Internals (any major OS)
  • Experience reading or writing assembly (x86, x64, ARM, PPC, MIPS, SPARC, 68k, or others)
  • Understanding of network protocols (TCP/IP stacks, wire-level protocols, RF communications, BGP, routing protocols, or others).
  • Understanding of modern exploit mitigations such as DEP, ASLR, CFG, etc
  • Experience using reverse engineering tools such as IDA, Binary Ninja, Ghidra (or equivalent)
  • Experience using debuggers such as gdb, WinDbg, OllyDbg
  • Knowledge of anti-reverse engineering techniques
  • Embedded systems or firmware analysis (Optional)
  • UART/JTAG debugging, firmware flashing or extraction (Optional)

Apply for this position