Mobile Security and Vulnerability Engineer, Senior

Location
Lorton, VA
Posted
Jun 10, 2019
Closes
Sep 21, 2019
Ref
R0059698
Hours
Full Time
Mobile Security and Vulnerability Engineer, Senior
Key Role:
Leverage knowledge of technical work and expertise in problem-solving to tackle challenging, mission-critical projects that have a direct impact on national security and criminal investigations. Leverage expertise in software reverse engineering and vulnerability on embedded platforms, including Android and iOS, to discover security flaws, data leakages, and code exploitation vulnerabilities. Analyze proof of concept code and document discoveries for an internal knowledge base that will assist the intelligence community. Serve as a part of an experienced and diverse reverse engineering team working on cutting-edge technologies. This position allows for flexible work arrangements, including possible remote delivery.

Basic Qualifications:

-3+ years of experience with vulnerability research, including reverse engineering or exploit development

-Experience with performing vulnerability research via source code review or fuzzing

-Experience with popular binary reverse engineering disassemblers and decompiles, including IDA Pro, Hopper, JEB, or Radare2

-Experience with active debugging software, including LLDB, GDB, or OllyDbg

-Knowledge of common processor architectures, including x86 and x64 and arm and arm64 and how modern operating systems work

-Ability to review source code and identify vulnerabilities

-Ability to work independently and with a team of reverse engineers, exploit developers, and software engineers.

-Secret clearance
-HS diploma or GED

Additional Qualifications:

-Experience with reverse engineering mobile platforms, including iOS and Android

-Experience with identifying and exploiting memory corruption bugs, including stack and heap overflows

-Experience with bypassing common exploit mitigation techniques, including ASLR or stack cookies

-Experience with software development in C/C++, C#, Java, Python, or equivalent

-Experience with binary file format reverse engineering

-Experience with analyzing networking traffic, including using software, such as Wireshark, Burp Suite, MITM, or similar

-Knowledge of basic cryptography concepts and common weaknesses

-Knowledge of penetration testing techniques on mobile and Web platforms, including session hijacking, cross-site scripting, or SQL injection

-Top Secret clearance

-BA or BS degree

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We're an EOE that empowers our people-no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic-to fearlessly drive change.

JHT

Similar jobs