When I was a child I'd often get in trouble for 'breaking' things. Teachers, parents, and other authority figures didn't understand what motivated this behavior, but with the benefit of hindsight I now do. I wasn't breaking things at all, I was exploring them. I was learning how they worked by taking them apart and seeing them laid bare. Sometimes, I'd manage to put them back together and occasionally they'd even work!
Once, when I was about twelve or thirteen, I took apart a mechanical bedside alarm clock, laid all the gears out organized by size and was promptly grounded for 'destroying' it. While serving my punishment, I went to work re-assembling it, with one small change. What had previously been a cheap cardboard clock face was replaced with a piece of translucent contact-paper, with numbers careful stenciled in their proper places. I loved that clock. Every morning I'd wake up, see it, and glance deep into its inner workings. That visual reminder that I'd been curious and unlocked its secrets was how I started mornings throughout my formative years.
Somewhere along the line, I lost track of where that clock ended up. It may be gone, but the spirit it demonstrates remains one of my strongest motivators. I've found no better outlet for this drive to understand the inner workings of things than software security assessment.
At Matasano, we treat our client's applications like I did that clock. We take them apart, examine them piece by piece, and arrive at an understanding of what makes them tick. Only after arriving at this can we find and exploit vulnerabilities. We slap a clear face on those applications, with the numbers carefully identifying any discovered flaws. We take them apart and 'break' them, not to be destructive, but to be constructive through understanding them. Thankfully, we don't even end up grounded. :)
There's no area of computing that draws on as many skills, but programming, debugging, protocol analysis, reverse engineering, systems administration, network engineering and cryptographic analysis aren't what make great AppSec consultants. You need to find what motivates you. For me, being tasked with quickly developing a deep understanding of unfamiliar applications plays right into the mindset that led me to explore that clock.
Since we don't have a typical HR team handling inbounds, response times vary significantly from 'really fast' to 'much slower than we'd like.' It depends on a lot of factors outside the applicant's control, including how busy we are with client work, etc. Please try not to read anything into response time, and if you're concerned feel free to send an inquiry.
I'm really not sure if we're doing fall internships or not. We've historically done them over the summer, since that's when most candidates tend to be available.
We're currently making the final decisions regarding summer internships. When we're accepting applications for intern candidates again, I'll be sure to note it accordingly in hiring thread posts at that time.
MATASANO SECURITY - Chicago. New York City. Sunnyvale.
Application Security Consultant
Full-Time, work visa sponsorship available
~-,._.,-~'`^`'~-,._.,-~'`^`'~-,._.,-~'`^`'~-,._.,-~'`^`'~-,._.,-~
What excites you and ignites your muse?
When I was a child I'd often get in trouble for 'breaking' things. Teachers, parents, and other authority figures didn't understand what motivated this behavior, but with the benefit of hindsight I now do. I wasn't breaking things at all, I was exploring them. I was learning how they worked by taking them apart and seeing them laid bare. Sometimes, I'd manage to put them back together and occasionally they'd even work!
Once, when I was about twelve or thirteen, I took apart a mechanical bedside alarm clock, laid all the gears out organized by size and was promptly grounded for 'destroying' it. While serving my punishment, I went to work re-assembling it, with one small change. What had previously been a cheap cardboard clock face was replaced with a piece of translucent contact-paper, with numbers careful stenciled in their proper places. I loved that clock. Every morning I'd wake up, see it, and glance deep into its inner workings. That visual reminder that I'd been curious and unlocked its secrets was how I started mornings throughout my formative years.
Somewhere along the line, I lost track of where that clock ended up. It may be gone, but the spirit it demonstrates remains one of my strongest motivators. I've found no better outlet for this drive to understand the inner workings of things than software security assessment.
At Matasano, we treat our client's applications like I did that clock. We take them apart, examine them piece by piece, and arrive at an understanding of what makes them tick. Only after arriving at this can we find and exploit vulnerabilities. We slap a clear face on those applications, with the numbers carefully identifying any discovered flaws. We take them apart and 'break' them, not to be destructive, but to be constructive through understanding them. Thankfully, we don't even end up grounded. :)
There's no area of computing that draws on as many skills, but programming, debugging, protocol analysis, reverse engineering, systems administration, network engineering and cryptographic analysis aren't what make great AppSec consultants. You need to find what motivates you. For me, being tasked with quickly developing a deep understanding of unfamiliar applications plays right into the mindset that led me to explore that clock.
So, again I'll ask, what excites you?
Learn about our hiring process at http://www.matasano.com/careers or contact us at careers@matasano.com
Get a taste for some of what we do at http://www.microcorruption.com and http://www.cryptopals.com
Check out our blog at http://chargen.matasano.com
~-,._.,-~'`^`'~-,._.,-~'`^`'~-,._.,-~'`^`'~-,._.,-~'`^`'~-,._.,-~