Job Number: R0048601
Mobile Security and Vulnerability Engineer, Senior
Leverage knowledge of technical work, and expertise in problem solving to tackle challenging, mission-critical projects that have a direct impact on national security and criminal investigations. Leverage expertise in software reverse engineering and vulnerability on embedded platforms, including Android and iOS, to discover security flaws, data leakages, and code exploitation vulnerabilities. Analyze proof of concept code and document discoveries for an internal knowledge base that will assist the intelligence community. Serve as a part of an experienced and diverse reverse engineering team working on cutting-edge technologies. This position allows for flexible work arrangements, including possible remote delivery.
-3+ years of experience with vulnerability research, including reverse engineering or exploit development
-Experience with performing vulnerability research via source code review or fuzzing
-Experience with popular binary reverse engineering disassemblers and decompiles, including IDA Pro, Hopper, JEB, or Radare2
-Experience with active debugging software, including LLDB, GDB, or OllyDbg
-Knowledge of common processor architectures, including x86 and x64 and arm and arm64 and how modern operating systems work
-Ability to review source code and identify vulnerabilities
-Ability to work independently and with a team of reverse engineers, exploit developers, and software engineers.
-HS diploma or GED
-Experience with reverse engineering mobile platforms, including iOS and Android
-Experience with identifying and exploiting memory corruption bugs, including stack and heap overflows
-Experience with bypassing common exploit mitigation techniques, including ASLR or stack cookies
-Experience with software development in C/C++, C#, Java, Python, or equivalent
-Experience with binary file format reverse engineering
-Experience with analyzing networking traffic, including using software such as Wireshark, Burp Suite, MITM, or similar
-Knowledge of basic cryptography concepts and common weaknesses
-Knowledge of penetration testing techniques on mobile and Web platforms, including session hijacking, cross-site scripting, or SQL injection
-Top Secret clearance
-BA or BS degree
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.JHT
Apply on company website