We are currently seeking a Principal Vulnerability Researcher
for a long-term opportunity located in Arlington, Virginia. This position is approved for flex scheduling and remote one day a week. (IF NOT LOCAL, RELOCATION ASSISTANCE AVAILABLE!)
Will consider clearable (US Citizens) through those highly cleared. We offer the ability to provide initial sponsorship or upgrade an already active clearance.
In this role, you
will be the key player in a small fast-paced team, owning your own projects and developing client relationships. Leading the technical/functional planning and execution of highly visible project(s)including staffing, scheduling, and deliverables. You will have numerous opportunities to define your work.
You should be comfortable taking on complex technical problems for which there is often no known answer. You should be comfortable with ambiguity and forging your own path; our small team setting will provide you with opportunity for outsized impact. You will possess a demonstrated track record of success in inspiring creativity and resourcefulness to a wide range of difficult problems with thorough solutions. You will provide technical/functional mentorship, guidance and expertise to project, program and functional staff.
Nice To Have:
- Bachelors Degree in computer science, engineering, or a related field desired. (Significant proven experience in reverse engineering (RE) or vulnerability research (VR) can show your fit even if your background is outside of one of these fields. Will consider experience in lieu of degree!)
- Experience with firmware development using low-level programming languages (C and at least one assembly language), scripting languages (e.g., Python), and the *nix command line.
- Strong familiarity with cybersecurity principles and a strong interest in providing guidance to program staff.
- Experience with common disassemblers/decompilers and reverse engineering tools (IDA, Ghidra, Binary Ninja)
- Experience with software reverse engineering concepts: static analysis, dynamic analysis, fuzzing techniques.
- Active US Security clearance of Secret level and ability to obtain and maintain TS
- Must be willing to obtain and maintain a Polygraph clearance
- Experience creating intellectual capital, white papers, blogs, etc. to maintain existing and expand new business.
- Familiarity with Binary Ninja API or Ghidra scripting
- Familiarity building or securing embedded devices and other digital systems
- Familiarity with embedded binary reverse engineering (ARM, RTOS, etc.)
- Familiarity with basic cryptography design and implementation concepts
- Previous experience in a client-facing technical role