Our client is a Sub-Prime Defense Contractor. They are an elite, multi-disciplinary team, bringing together the brightest minds from physics, computer science, electrical engineering, and mathematics to develop unique embedded security solutions for government and industrial customers.
They have been trusted by elite government clients to solve some of the world's hardest security problems. They work in small agile teams to push the bounds of computing technology.
They are seeking a Sr. Vulnerability Researcher to conduct vulnerability research across a variety of platforms
This is a direct hire position that requires local candidates to hold an Active Secret Clearance.
In this role, you will work with a team of vulnerability specialists that have the same passion as you. You will use and build vulnerability research tools that push past the edge of current tools and techniques.
On any given day you will research and debug an embedded device while getting the chance to bounce ideas off a close-knit team of researchers.
We have the tools and the mentors you will need to take yourself to the next level and who are eager to learn from your experience.
This position can be based in either of our clients Chantilly, VA or Columbus, OH locations. Travel to the Pentagon, Columbus OH, and / or other Customer locations may be necessary based on program or customer needs.
This is an onsite position based in either Columbus, Ohio or Chantilly, VA which offers a competitive salary and benefits package.
Qualifications
Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or related field of study with 8 years of experience or master's degree in related field with 5 years of experience or PhD with 2 years of experience;
or an equivalent combination of education and experience in a related field
- Experience with a disassembler for vulnerability research (Ghidra, IDA Pro, BinaryNinja)
- Experience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)
- Experience with one or more debuggers (WinDbg, OllyDbg, gdb)
- Experience with vulnerability research on one or more operating systems : Android, iOS, Windows, Linux, MacOS, VxWorks, QNX, RTOSs, or other custom operating systems
- Knowledge of advanced exploitation techniques (ret2libc,use-after-free,type confusion)
- Knowledge of exploit protection techniques (DEP, ASLR / NX)
- Ability to code in C
- Understanding of network protocols
- Participation in CTFs
- Experience with symbolic analysis
MUST hold an Active Secret Clearance
Columbus, OH or Chantilly, VA
Secret Clearance is required
$120,000-$200,000
Staff Smart, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, genetic information, disability status, or any other characteristic protected by law.