Intel plays a key role in any data-centric initiative in the world, providing technologies that enable our customers to innovate and compete, effectively changing the world. As an Offensive Security Research (OSR) Intern at Intel, you will take part in complex, multi-disciplinary security research projects using your research expertise. The ideal candidate is able to understand requirements and problems with little information, figure out potential research paths, and deal with adversity (steep ramp-up, non-existent/completely-different toolset). An ideal candidate is also comfortable talking to organization leaders to share results and findings (and drive decisions), and is comfortable with discussing priorities and tasks with other security researchers.
Intel OSR is involved in projects of various size and scope, and we are looking for an individual whose technical and leadership expertise will help us explore identified research opportunities, increase impact of key learnings generated by their work, improve processes, and support leaders in the quest to drive the technical direction of our programs, helping us influence Intel's security directions. Team engagements involve long-term objectives, ability to ramp quickly, and efficient handling of short-term & long-term deliverables.
The individual should have ample knowledge and love for information security, excellent written and verbal communication skills, as well as ability to be organized and detail-oriented, to work in a team in which technical excellence is the primary requirement.
Responsibilities include the following:
Vulnerability Research (identifying classes of vulnerabilities and writing proof of concept code)
Impact Analysis and Mitigation guidance (for important findings by other teams in hard to patch areas)
Automation and research guidance (to identify and map new high-priority objectives)
Develop robust counter measures and mitigations.
This role requires maintaining substantial knowledge of state-of-the-art security principles, theories, and attacks, with lots of hands-on expectations in order to contribute those insights to internal and external stakeholders.
Minimum work experience requirements:
2+ years of experience (or equivalent hands-on work through side-projects, hobbies, class projects, etc.) in the field of system security research, and exploring software + hardware techniques as a method of attack against targets within computing systems.
In-depth experience with vulnerability research
Demonstrated expertise in exploit development (published exploits and write-ups on exploiting new classes of issues, new techniques, tools are greatly appreciated)
Reverse Engineering experience (or, for researchers focused on open-source software, demonstrated expertise on reading assembly and writing exploits for complex vulnerability classes)
Knowledge of computer architecture, CPU, SoC, chipsets, BIOS, Firmware, Drivers, and other compute paradigms
The ideal candidate should also have:
Ability to work autonomously in a less structured startup type environment with minimal supervision
Ability to span security expertise over HW, SW and Firmware domains
Passion for security research and community impact, demonstrated by published research and collaboration to community efforts (yes, Phrack and PoC '' GTFO papers are appreciated more than certifications)
Inside this Business Group
Intel's Product Assurance & Security team is chartered with building & maintaining customer trust through unparalleled security, privacy & assurance of Intel products. This team drives security & assurance governance, identifies emerging threats, secures existing products through mitigations and defines & initiates future security innovations for Intel products.