Senior Security Researcher Energy Systems

Senior Security Researcher Energy Systems

Department: Research & Development

Voluntary work, 4-8 hrs/week

Help out to protect the energy grid

DIVD is the voluntary fire brigade of the Internet. At the Dutch Institute for Vulnerability Disclosure we aim to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them. We operate on a global level, but do it Dutch style: open, honest, collaborative, and for free. 

As a Security Researcher you can now join our Energy Team, where we search, find and disclose vulnerabilities in energy systems: Electric Vehicle Chargers, Solar Panel Convertors, Home Batteries, Home Energy Management Systems and the like. 

The Energy Team is part of the R&D department and collaborates with our CSIRT, which ensures that potential victims are notified and empowered to take action. DIVD is also a CVE Numbering Authority, so we can judge, register, report and disclose zero days you find and put them on your name. A CVE is a hacker’s best CV, isn’t it? In the meantime, your work directly strengthens the digital resilience of the European power grid. 

DIVD wants to be an open and inviting organization for everyone. We believe it is essential that everyone can join us and feel welcome and safe, regardless of their sexual orientation, gender identity or expression, religious beliefs, or political preference. If you are already part of the hacker community, you may know neurodiversity is included in the package. 

More about the DIVD R&D departement

The Research & Development (R&D) department at DIVD focuses on detecting and analyzing new, recently discovered, and zero-day vulnerabilities in impactful online systems. This team of expert researchers develops Proof-of-Concepts for existing vulnerabilities and provides support in CSIRT cases.

The R&D department has multiple teams that research different types of systems. In addition to the Energy team, we have teams focusing on widely used smart-home IoT devices, open-source software, and operational technology (OT) systems that can be found online. Additionally, we conduct research on advanced technologies such as Post-Quantum Cryptography.

Beyond identifying vulnerabilities, the R&D team plays a crucial role in developing new methods and technologies to enhance cybersecurity. Their work contributes to a safer internet by providing timely alerts and effective protective measures. 

What kind of skills do you ideally have? 

We are not looking for the one who has it all; we are composing a team of complementary experts who share a passion for security. So, you should have at least one, but preferably more, of these technical skills:

• IoT hardware hacking & firmware extraction

• Reverse engineering firmware & analysis

• Mobile app security analysis

• Cloud API security research

• Finding software vulnerabilities

• If you search for zero-days, be able to provide a clear Proof of Concept that meets our CNA standards

Being part of a volunteering hacker collective, we are looking for these Analytical and Communication Skills:

• A proactive and solution-oriented mindset, with the ability to take ownership of tasks.

• The ability to do vulnerability research independently or as part of a team

• If you are a team player, be sensitive to the neurodiversity in the hacker scene

• If you prefer to work by yourself, be able to communicate your findings in clear language or images

• If you like you can also give hacking demo’s or other presentations at the monthly R&D meeting

This is why you want to join us

By joining us, you'll be key to improving global cybersecurity while learning and growing with a passionate team. You can expand your threat classification and risk mitigation knowledge while developing practical communication skills. You will find yourself strengthened by a growing community of helpful hackers who like to deep dive into technical challenges, learn from each other, wear our black and yellow merch with pride, and organize geeky parties now and then.    

Volunteer work, but no less important

We need volunteers who can commit to a set number of hours. Even though this is volunteer work, it still requires dedication and responsibility. You will, therefore, encounter a serious onboarding process once you push the Apply button. Ready to make a difference? Click below and become part of our mission.