Application Security Researcher

At InnoEdge, we work with organisations to protect them from cyber threats. We help detect new unknown cyber threats through research, fortify networks, and defend critical information infrastructures. Based in Singapore, our team consists of cybersecurity experts who use the advanced techniques and technologies to deliver cutting-edge solutions and services.

InnoEdge believes in fostering a culture where team members are encouraged to overcome challenges, explore new ideas, and work together to succeed. We value individuals who are determined to push beyond the boundaries, and have a thirst for knowledge, continuous learning, and self-improvement.

Collaboration is key to our success. We prioritise open communication, constructive feedback, and a willingness to help others. We are committed to creating a supportive work environment that encourages excellence, innovation, and continuous improvement. We're looking for individuals who share our values and are excited to join us on our cyber mission.

Requirements

• Technical Leadership:

1. 1. Recommend research directions, conceptualize new security tools, and mentor junior researchers.
   2. Conduct internal training workshops on analysis techniques, vulnerabilities discovery, and mechanism.

• Research and Analysis:

1. 1. Conduct in-depth research on applications, reverse engineer closed-source code, and identify exploitable weaknesses.
   2. Continuously learn about the latest application security and reverse engineering techniques.

• Development:

1. 1. Assess and verify security through design and execute tests against industry standards CIA triad: Confidentiality, Integrity, and Availability, plus Authorization and Non-repudiation).
   2. Develop proof of concept (e.g. code, scripts) to demonstrate the severity of discovered vulnerabilities and propose mitigations.
   3. Develop cutting-edge tools to streamline the analysis process and improve efficiency.

• Documentation and Reporting:

1. 1. Document findings, methodologies, and recommendations for both technical staff and executive leadership.
   2. Effectively communicate findings and strategy to stakeholders.

• Contribution:

1. 1. Contribute to the Singapore cybersecurity community through publishing whitepapers, blog posts, or presenting findings at relevant conferences.

• Fluent in OOP such as C++, Windows or Linux APIs/syscalls and knowledge of common file formats, network protocols and encryption. 
• Demonstrated ability to:
• Reverse engineer C/C++ compiled binaries and recognize common algorithms and patterns in decompiled code. 
• Perform type recovery on intermediate data structures and uncover logic and indirect calls within a module. 
• Bypass common anti-RE and anti-debugging techniques and uncover original code obfuscated by a public obfuscator. 
• For a more senior role, we're looking for candidates who has the demonstrated ability to: 

1. 1. Reverse engineer sophisticated software and other programs compiled in newer languages such as Golang, Rust, newer Pythons and non-C binaries. 
   2. Recover complex code logic and indirect calls across multiple modules or files. 
   3. Recover undocumented file format or encoded binaries through deep analysis of the program. 
   4. Develop custom tools to recover the logic or emulate parts of the program. 
   5. Uncover logic of heavily obfuscated or custom packed code. 

Benefits

• Training & Development
• Performance Bonus
• Medical Benefits
• Hybrid Work Arrangements

If you meet these qualifications and are passionate about cyber security, we encourage you to apply for this exciting opportunity. We offer competitive compensation, a comprehensive benefits package, and a collaborative and dynamic work environment.