RECRUITMENT

In COSEINC, we believe and abide by the following human resource policy:

  1. We will hire people that will be best suited to carry out the primary responsibilities required of their job competently and enthusiastically.
  2. We will evaluate all candidates against a standard set of objective and subjective criterion set out for their job.
  3. We strongly believe in and will practice a performance-based remuneration system.
  4. We believe and support continuous education and the improvement of relevant skill sets of our people.
  5. We believe all members of COSEINC have an important role to play, and as such, a stake in the success and failure of the company.

Positions Available

Mobile Security Researcher

Job Description:

  • Perform cutting edge vulnerability research on IOS or Android.
  • Write detailed technical reports and develop PoC code to demonstrate security issues found.
  • Recommend remediation measures to mitigate the vulnerabilities.
  • Stay updated on the security landscape, especially in the area of mobile vulnerabilities.

Minimum Requirement:

  • Experience with Reverse Engineering , Debugging and Code Analysis on IOS or Android
  • Experience with vulnerability research on IOS or Android
  • Solid understanding of IOS/Android security model, how they are implemented and how they can be bypassed
  • Ability to create POC exploits that demonstrates the severity of security vulnerabilities found
  • Strong problem solving and analysis skills
  • Good track record in the area of IOS and Android vulnerability research, demonstrated by the following:
    • Issued security advisories
    • Relevant work experience
    • Presented at renowned conferences
    • Wrote blog/articles on relevant topics

Virtualization Security Researcher

Job Description:

  • Perform cutting edge vulnerability research on Hypervisor technology.
  • Write detailed technical reports and develop PoC code to demonstrate security issues found.
  • Recommend remediation measures to mitigate the vulnerabilities.
  • Stay updated on the security landscape, especially in the area of hypervisor vulnerabilities.

Minimum Requirement:

  • Experience with Binary Analysis and Reverse Engineering
  • Experience with researching on VMware Hypervisors
  • Ability to create POC exploits that demonstrates the severity of security vulnerabilities found
  • Good record of performing hypervisor related vulnerability research, demonstrated by the following:
    • Wrote blog/articles on relevant topics
    • Training classes
    • Presented at renowned conferences
    • Publicly disclosed CVEs
    • Relevant work experience
    • Substantial code contributions to open-source hypervisors

Web Browser Security Researcher

Job Description:

  • Perform cutting edge vulnerability research on web browsers (running on Windows OS).
  • Identify and audit browsers for bugs that may lead to RCE and bypassing/mitigation of security mechanisms
  • Write detailed technical reports and develop PoC code to demonstrate security issues found.
  • Recommend remediation measures to mitigate the vulnerabilities.
  • Stay updated on new security technologies that may impact web browsers

Minimum Requirement:

  • Experiences in auditing browsers running on Windows for bugs that may lead to remote code execution (RCE)
  • Good understanding of different browser security mechanisms, such as sandboxes, and preferably experiences in auditing these mechanisms to bypass/mitigate them
  • Ability to create POC exploits that demonstrates the severity of security vulnerabilities found
  • Good track record, demonstrated through one or more of the followings:
    • Issued security advisories
    • Relevant work experience
    • Presented at renowned conferences
    • Wrote blog/articles on relevant topics

Linux Security Researcher

Job Description:

  • Perform source code auditing to identify bugs within Linux kernel or open-source applications that may bypass existing security mitigations, thereafter leading to code
  • execution.
  • Write detailed technical reports and develop PoC code to demonstrate security issues found.
  • Recommend remediation measures to mitigate the vulnerabilities.
  • Stay updated on the Linux security landscape

Minimum Requirement:

  • Experiences in auditing source code for Linux Kernel and open-source applications (and services) for bugs that may lead to code execution
  • Good understanding of kernel and userspace exploitation, preferable with experiences in developing proof-of-concepts to demonstrate the severity of bugs found
  • Good track record, demonstrated through one or more of the followings:
    • Issued security advisories
    • Relevant work experience
    • Presented at renowned conferences
    • Wrote blog/articles on relevant topics

R&D (Web) Engineer

Job Description:

  • Perform full SDLC on web applications.
  • Write functional and design specifications for Web applications
  • Design and deliver Web services
  • Create, implement and support Web applications
  • Perform unit, functional, integration and migration testing on Web applications

Minimum Requirement:

  • Strong in Python, Danjo, Ruby on rails, PHP
  • Strong in HTML, CSS, XML
  • Strong in JavaScript, Microsoft JScript and JQuery
  • Be proficient in J2EE or ASP .net
  • Strong in general database concepts, with experience in mysql
  • Strong in applying MVC framework to web development
  • Strong data visualization skill
  • Be proficient in the architecture of clients, servers, and Internet systems
  • Configuration and deployment of Web applications
  • Experienced in Web applications' security principles
  • Applicable for Singaporean and PR only

R&D (Application) Engineer

Job Description:

  • Perform full SDLC on client/server applications.
  • Write functional and design specifications for client/server applications
  • Design and deliver client/server services
  • Create, implement and support client/server applications
  • Perform unit, functional, integration and migration testing on client/server applications.

Minimum Requirement:

  • Strong in C, C++, Java.
  • Strong in Windows API Programming, STL, MFC, WTL and WPF.
  • Strong in Swing, SWT and JavaFx.
  • Be proficient in network programming.
  • Knowledge of Windows driver programming will be an advantage.
  • Experienced in secure application development principles.
  • Applicable for Singaporean and PR only.

Security Researcher

Job Description:

The vulnerability researcher will perform as a hands-on specialist in the identification, discovery, evaluation and in-depth analysis of malware and vulnerabilities in current and future systems.

Primary Responsibilities:

  • Research and Analysis of Computer Security Vulnerabilities
  • Risk Assessment and Analysis of Computer Security Malware and Exploits
  • Recommend and Implement Computer Security Solutions

Minimum Requirements:

  • Experience with or substantial knowledge of Reverse Engineering, current Internet Security Issues (e.g. exploits, trojans, malware, security patches), Software Bugs (e.g. buffer overflows).
  • Strong background in C/C++ and Assembly (x86)
  • Strong knowledge of Windows and/or Linux operating system internals.
  • Familiar with major network and system protocols, APIs, services etc.