Will have researchers, ethical hackers bringing them issues to pursue/determine if it is a true vulnerability or not vs. traditional reporting from a pen test, etc.
understanding on network, software, firmware will be helpful, previously being a software developer also ideal