Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Senior Software Engineer for Polyscripting

About Polyverse

At Polyverse, we believe that it’s possible to solve cybersecurity once and for all. We develop leading-edge cybersecurity technology to build diversity across multiple system dimensions, stopping attacks before they start. Our technology is used by government and security-conscious organizations to mitigate against zero-day memory exploits. It is also embedded into devices, hardware and security solutions to provide the ultimate protection against hackers. Learn more at polyverse.com.

What You'll Be Working On

Can you imagine a world where the Equifax attack was impossible, now or in the future? Not it’s “very difficult”, not “it was caught really fast after it happened”, not “preventable if only they had patched” - but unequivocally impossible without excuses - regardless of user-error, misconfigurations, or a developer was debugging something on prod that one time.

Polyscripting is designed to solve just that, through a process of generating a brand-new random never-before-seen programming language, and all legitimate app code transformed to match said language. Any code that is injected later, doesn’t know the language grammar and thus fails to execute.

In our opinion, Polyscripting is the next big thing for cybersecurity.

We know Polyscripting works because we’re already stopping the RCE (Remote Code Execution)-vulnerability-of-the-week on Wordpress through our fully Open Source Polyscripting implementation for PHP.

Today Polyscripting is owned by the small R&D team at Polyverse, but we’re ready to go big with it. With a pent-up demand for more languages like Java, Javascript, Perl, Python, Powershell, Bash and more, our small team needs help.

On top of this you will also be working on even more inventive and exciting ideas in our pipeline that can’t be described in a job post.

What will be expected of you

  1. Focus on building and completing small incremental deliverables. While it is tempting to get carried away on multi-month missions to reinvent “everything”, we need someone who can successfully break down a problem into its parts.
  2. Understand how different parsers work and write meta-programs to modify them such that they parse a new language that is semantically identical (expresses no less meaning than the original language) but are syntactically and grammatically different (expresses the concepts in drastically different ways.)
  3. You’ll focus on the user-experience to keep Polyscripting consumable in real life by real people so they can get real tangible protection in the world they live in.
  4. Support your team and lean on them for help. This is difficult work. There is expertise in the company.
  5. Leave Dogma at the door - this is cutting edge work, and so far as we know, nobody else is doing it. Preconceptions might be challenged. A lot of things will have to be done differently. Many rules-of-thumb won’t apply here. But this is also an opportunity to define your own best practices and standards.

Who We're Looking For

Our engineers are responsible for designing, coding, testing, deploying and supporting our products. We encourage engineers to engage with customers frequently to understand how they are using our products, what could be done better, and what problems we should solve next.

You understand that there are more ideas than we can ever execute in our lifetimes, and have a tendency to break them down into small incremental milestones that can demonstrate a concrete benefit to customers.

You may be the right fit if you...

  • have taken a compiler class and are aware of basic compiler concepts such as parsing (lexical and semantic analysis), Abstract Syntax Trees, code-generation, etc.
  • are comfortable reading and modifying other people’s large C/C++ codebases that are continually changing.
  • have written parsers (maybe toy parsers), played with Lexx/Yacc/Bison, generated ASTs from text, defined formal grammars, etc.
  • Written or worked on transpilers, interpreters, written REPL evaluators, etc.
  • Have a solid background of building, deploying and shipping code.
  • Aren’t bound by “programming language” but will pick up a new language basics quickly by reading a book, watching online tutorials, etc. Ideally you have a history of picking up new languages rapidly.

Bonus points if you...

  • have taken over existing codebases, and are passionate about making other developer's lives easier
  • want to make your code good instead of just making it work
  • have lead a team of engineers
  • have worked on something unusual or contrarian, and won your colleagues over by demonstrating favorable results

About us

At Polyverse we offer a flexible work environment, no politics, but plenty of research and learning opportunities! We’re a team of close-knit technologists and engineers whose skills are matched only by our dedication to solving the global cybersecurity crisis. Founded in 2015 by bringing together top talent from Microsoft, Amazon, Google, and SUSE, Polyverse is led by founder and CEO Alex Gounares. CNBC recently named Polyverse as one of the top 100 startups in the world.

Thank you for considering Polyverse. If you think you fit the bill, please email us your résumé and cover letter (optional) at jobs@polyverse.com.*

*Polyverse provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. Polyverse complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

Are you looking for something different?
Check out more job opportunities here!

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.