Important: This hybrid FTE position will be on-site *no less than* 3 days/week in Lexington, MA; no long-distance commuters, please. Relocation is arranged and fully paid for, keeping the employee and their family at the forefront.
Rogue Talent is hiring a Staff Security Researcher to contribute to reverse engineering and vulnerability/exploit discovery efforts for a prestigious cyber R&D institution (FFRDC) whose mission is the defense and security of the US. The ideal candidate will have active clearance and deep cybersecurity expertise (software & firmware) in the DoD and/or intelligence space.
This elite team performs software & embedded systems reverse engineering, vulnerability research, and system exploitation. They develop and prototype cutting-edge capabilities for operational partners in the US government, looking for, finding, and demonstrating cyber vulnerabilities so that critical systems in the US can be corrected, and so that exploits in other systems are better understood. Top government leadership relies on this group's expertise and guidance.
In this key IC role, the Staff Researcher will:
- Lead the development of cybersecurity tools & techniques.
- Reverse engineer and exploit software & embedded systems.
- Conduct analysis of offensive and/or defensive cyber tools & systems.
- Perform manual binary analysis & automated vulnerability discovery.
- Analyze software protection mechanisms.
- Engage in static analysis & dynamic instrumentation.
- Communicate research findings to non-technical experts, gov't sponsors.
Credentials:
- Masters or PhD in Computer Science/Engineering or related discipline is preferred, or 7+ years of formal relevant experience.
- Pass a pre-employment background check, and be able to obtain at least a secret-level DoD security clearance.
- Must be eligible & willing to pursue a Top Secret SCI-level DoD security clearance and be able to maintain once obtained (FSP highly advantageous).
Qualifications: Ideal candidate will have familiarity with all, expertise in some.
- Dissassemblers/Decompilers (Ghidra, IDAPro)
- Debuggers (WinDbg, GDB)
- Programming Languages (C/C++, Python)
- Infrastructure Systems (Ansible, Kubernetes, Docker)
- Network Protocol Analysis (Wireshark, Tcpdump)
- Emulator/Virtualization Technologies (VMWare, QEMU)
- OS Internals
- Reverse Engineering of Embedded Systems, Firmware, Malware, Mobile Apps, etc.
- Vulnerability Analysis ; Statistics and Metrics
- SAT/SMT Solvers, Symbolic Execution
- Data Flow Analysis for Compiled Binaries
- Binary Intermediate Representations & Translation
- Compiler Construction
- Anti-Debugging/Anti-Instrumentation Techniques
Compensation:
- $165-205K base salary range
- Fully-funded pension + matching 401K
- Comprehensive health, dental, vision plans
- Generous PTO (vacation, sick, parental, military, etc.)
- Tuition reimbursement & continuing education programs
- Cybersecurity conference allowance, mentorship programs
- Top-level work-life balance culture, with retention track record to back it
