Senior Embedded Vulnerability Researcher
Company: Draper Labs
Location: Reston
Posted on: September 3, 2024
|
|
Job Description:
Overview:Draper is an independent, nonprofit research and
development company headquartered in Cambridge, MA. The 2,000+
employees of Draper tackle important national challenges with a
promise of delivering successful and usable solutions. From
military defense and space exploration to biomedical engineering,
lives often depend on the solutions we provide. Our
multidisciplinary teams of engineers and scientists work in a
collaborative environment that inspires the cross-fertilization of
ideas necessary for true innovation. For more information about
Draper, visit .Job Description Summary:Draper's Offensive Cyber
Security Group is looking for dedicated individuals to develop
tailored solutions to meet our DoD and IC Sponsor directives. Our
organization's not-for-profit status ensures a capability-driven
focus on the United States of America's national interests that
allows us to address some of our Nation's most pressing challenges.
Due to the variety of USG organizational needs, our technical
efforts and opportunities vary from conventional cyber operations
enablement tooling to embedded vulnerability research and exploit
development on a wide range of devices and systems.
Technical Skills:
* Program Analysis, Reverse Engineering, and Vulnerability
Research
* Proficiency with modern program analysis methodologies and
techniques
* This can include static or dynamic
* Reverse-engineering assessment techniques for firmware or
embedded systems
* Familiarity with binary file and filesystem structures and
formats
* Hands-on proficiency with reverse engineering tooling such as:
Ghidra, IDA, GDB, RR
* Experience in program analysis
* Hands-on proficiency with physical instrumentation or hardware
modification, soldering
* Experience with JTAG/SWD/BDM, and eMMC/NAND/SPI flash data
extraction
* Exploitation techniques for embedded devices across platforms and
architectures
* Familiarity of network stack and internals
* Familiarity of operating system internals throughout user mode,
kernel mode, and during boot processes for at least one of the
following: GNU/Linux, RTOS
* Familiarity with architectures and assembly: x86, ARM, Hexagon,
PowerPC
Languages and Development:
* Proficiency with programming languages such as: C, C++, Python,
Java
* Familiarity with scripting languages such as: Bash,
Powershell
* Familiarity in development environments for GNU/Linux or
Windows
Leadership and Business Development:
* Successful history in authoring of technical proposals and
documents
* Leadership in advanced R&D initiatives, including
government-funded projects
* Leadership of critical programs with more than two full time
staff members
* Proficient in teamwork and communication with diverse
audiences
Preferred Qualifications:
* Experience with side channel attacks (glitching) to place
components and/or devices into altered states to bypass
protections.
* Familiarity with custom filesystem extraction and modification,
removal and/or regeneration of OOB/CRC data.
* Familiarity with bus and protocol analysis.Job Description:*
Assess hardware and software for security vulnerabilities using a
breadth of technologies and techniques.* Develop software that
meets behavior and security requirements for tailored
applications.* Integrate software capabilities with other tasks or
groups to improve performance or behavior requirements.* Create new
tools and systems to detect and exploit vulnerabilities and system
weaknesses.* Document nominal application and system functionality,
in addition to implemented changes.* Drive solutions to complex
problems with limited direction - contribute to requirements.
development, propose ways forward, and adapt appropriately to
changes in requirements.* Provides insight and suggest design
modifications based on analysis outcomes, and to apply analysis
techniques across a range of technical disciplines.* Identifies
program/system-level technical risks and develop and execute
mitigation strategies.* Actively mentor less experienced engineers
and provide thoughtful, constructive feedback.* Performs other
related duties as assigned.* Curiosity-driven approach to solving
complex, customer-driven problems as part of a multi-disciplinary
team.* Collaborate and communicate effectively and openly with
multi-disciplinary program team members, program leadership, and
non-technical personnel.* Be a team player able to work in a
fast-paced environment with the ability to balance multiple
competing tasks and demands.EducationRequires a bachelor's in
computer science, computer engineering, or related
field.Experience5-10 years of experience in Cybersecurity or
related field is required.Additional Job Description:Applicants
selected for this position must be required to obtain and maintain
a government TS/SCI security clearance.Connect With Draper for
Future Opportunities! If you don't find the right posting in our
Career Opportunities, you may for future consideration.Job Location
- City:CambridgeJob Location - State:MassachusettsJob Location -
Postal Code:02139-3563Our work is very important to us, but so is
our life outside of work. Draper supports many programs to improve
work-life balance including workplace flexibility, employee clubs
ranging from photography to yoga, health and finance workshops, off
site social events and discounts to local museums and cultural
activities. If this specific job opportunity and the chance to work
at a nationally renowned R&D innovation company appeals to you,
apply now .Equal Employment Opportunity: Draper is committed to
creating a diverse environment and is proud to be an affirmative
action and equal opportunity employer. We understand the value of
diversity and its impact on a high-performance culture. All
qualified applicants will receive consideration for employment
without regard to race, color, religion, sex, disability, age,
sexual orientation, gender identity, national origin, veteran
status, or genetic information. Draper is committed to providing
access, equal opportunity and reasonable accommodation for
individuals with disabilities in employment, its services,
programs, and activities. To request reasonable accommodation,
please contact .
Keywords: Draper Labs, Reston , Senior Embedded Vulnerability Researcher, Accounting, Auditing , Reston, Virginia
Click
here to apply!
|