Huawei is a leading telecom solutions provider. Through continuous customer-centric innovation, we have established end-to-end advantages in telecom network infrastructure, application & software, and professional services and devices. With comprehensive strengths in wireline, wireless and IP technologies, Huawei has gained a leading position in the All-IP convergence age. Our products and solutions have been deployed in over 100 countries and have served 45 of the world's top 50 telecom operators, as well as one third of the world's population.
Huawei’s vision is to enrich people's lives through communication. By leveraging our experience and expertise in the telecom sector, we help bridge the digital divide and give people the opportunity to join the information age, regardless of their geographic origin.
Huawei’s German Research Center in Munich (Munich Research Center) is responsible for advanced technical research, architecture evolution design and strategic technical planning. Now we are looking for a
Technical Leader of Vulnerability Analysis Team (m/f/d)
- Undertake the vulnerability detection and exploitation of core products and components, and discover the available attack paths of products;
- Follow up the development status of the industry and academia in the field of vulnerability analysis, and study innovative methods of vulnerability analysis;
- Have a deeper understanding and research on mainstream fuzzing techniques and tools, and have in-depth research foundation for program analysis techniques, such as symbol execution, stain analysis, and program slicing, and are responsible for automatic vulnerability mining of network equipment products;
- Responsible for researching industry-leading vulnerability prevention mechanisms, such as DEP, ASLR, CFI, PAC, etc., and in-depth understanding and practice of security mechanism bypass technology, responsible for evaluating the vulnerability exploit-ability;
- Undertake the design and development of cutting-edge vulnerability detection and utilization tools.
- Familiar with mainstream CPU architecture (X86, ARM, etc.), as well as the principles of Windows and Linux operating systems and compilation principles;
- The most common binary vulnerability principles and methods of discovery, including but not limited to fuzzing, code auditing, and binary analysis;
- Proficient in vulnerability exploitation methods, able to complete vulnerability exploitation;
- Solid coding ability, can undertake the design and development of auxiliary vulnerability detection tools;
- Clear thinking, good initiative thinking, ability to innovate research, analyze and solve problems independently;
- Have a strong interest in vulnerability detection and exloitation technology, have a good study spirit and toughness, and can deeply analyze the principles and details of loopholes;
- Have excellent communication and coordination skills, and be able to coordinate internal and external experts in key tasks;
- It is necessary to actively participate in external expert cooperation and exchanges, and quickly master new vulnerability detection and exloitation technologies and tools.
- Successful detection and exloitation of WEB vulnerabilities and binary vulnerabilities;
- Can use a variety of vulnerability detection techniques and tools in quantity;
- Have a certain connection with white hat hackers and security organizations in domestic and foreign security circles;
- It is best to have played an important role in a well-known security laboratory or CTF team.
Must be eligible to work in the European Union to be considered for this position.
If you are enthusiastic to shape the Munich Research Center in Munich together with us, being part of a multicultural team and growing environment, feel free to contact us. Driving future technologies with focus on customer satisfaction is one of our missions. Join us!