Job Description

The FLARE Offensive Task Force (FLARE-OTF) provides in-depth technical support and tooling to support Mandiant’s Red Team and performs offensive security research for the company. OTF’s responsibilities include fixing or debugging payloads used performing pentests, research and development into new pentesting payloads or different ways to stage and deliver payloads for future engagements, performing exploit analysis on samples found in the wild, and performing vulnerability analysis on internal and external software packages.  

The goal of this intern project will be to work with OTF to advance our existing payload research and toolkits. To accomplish this project the intern will first work with OTF members to understand the current research problems that are in progress. The intern will then be given an OTF research or development task to deliver. Examples of tasks include new binary analysis tools or providing a new capability, such as harvesting passwords, to the Red Team, or analyzing why an existing solution is malfunctioning or being caught by a security product. 

RESPONSIBILITIES AND FLARE INTERNSHIP OVERVIEW: 

The goals of the FLARE intern are twofold: to provide an opportunity to introduce the art of malware or vulnerability analysis, and to improve the capacity of the FLARE team. A successful intern will study reverse engineering and offensive techniques resources, so that they may attain the title of "Vulnerability Engineer" and be considered when applying to the FLARE team. A project will be developed based on the interests of the candidate and the needs of the FLARE-OTF team. The project will provide interns an opportunity to work on a cutting-edge offensive security research. Previous project examples include: Red Team Toolkit development and in-the-wild Exploit Hunting.

Qualifications

MINIMUM REQUIREMENTS:

• Clear interest in developing a foundation in offensive research & technologies (Reverse Engineering, Endpoint development, CTF’s, Vulnerability Research, Rootkit Development, etc.).
• 1+ years' experience, via internships, classes, projects or similar, with C, Python, and Go
• Basic understanding of Windows and Unix operating systems internals.
• 1+ years' experience, via internships, classes, projects or similar, with at least one assembly language (x86, x64, ARM, MIPS, etc.).
• Strong abilities in software testing and debugging (IDA Pro, WinDbg, gdb, etc.). 
• Ability to document and explain technical details clearly and concisely. 
• Ability to deliver well-designed and documented code and discuss technical decisions.

PREFERRED QUALIFICATIONS:

• Familiarity with binary exploitation.
• Experience in writing and customizing fuzzers preferred.

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.