Internship – Vulnerability Research Intern

About our Team

Samsung R&D Poland Security Team is looking for Vulnerability Research Intern. The main responsibilities of this role are finding new and analyzing existing vulnerabilities in Samsung Android based products (Linux kernel and native user space), planning and conducting security analysis, performing security research, developing infrastructure and tools to automate vulnerability detection.

Role and Responsibilities

• Conducting security assessment of the newest Samsung flagship devices (Galaxy S and Galaxy Note devices).

• Performing security research focused on finding vulnerabilities in Samsung products.

• Finding bugs in software applications, system services, drivers and kernel to identify potential vulnerabilities.

• Constant review of existing processes and tools, gradual improvement of assessment methodology.

• Automatic and manual security testing, analyzing and triaging using both source code analysis and dynamic analysis tools.

• Building, maintaining and extending the distributed fuzzing framework for the discovery and triage of vulnerabilities.

Skills and Qualifications

• Comprehensive, practical programming knowledge in C or C++ language (good to have Java or Python, the more you know about how programs work together with operating systems, network, etc. the better).

• Ability to 'think outside of the box' and a passion for solving unique challenges in technical environments.

• Knowledge about different types of fuzzing techniques and related tools.

• Practical knowledge of the code review for finding vulnerabilities.

• Knowledge about application security, reverse-engineering and binary analysis (GDB, IDA Pro).

Nice to have

• Ability to leverage scripting languages like Bash or Python for implementation of automatable tasks.

• Deep understanding of Linux/Android Operating System and its low-level components (like drivers).

• Knowledge of Kernel interworking with drivers, services and higher-level platform components.

• Knowledge of static and dynamic analysis tools in and its usage in the context of security evaluation.

• Knowledge of clang compiler internals, ability to write compiler extensions to improve security analysis.

We offer

Internship conditions:

• Competitive salary

• Flexible working hours

• Possibility of long-lasting cooperation

Team:

• Possibility to learn from world-class experts in a friendly atmosphere

• Integration budget

Equipment:

• PC workstation/Laptop

Benefits:

• Variety of discounts (Samsung products, theaters, restaurants)

• Free access to Copernicus Science Center for you and your friends

• Chillout rooms

• Variety of tea, coffee and fresh fruits/vegetables

Location:

• Office in Warsaw Spire near metro station