A²I is seeking a self-motivated Vulnerability Researcher who is ready to solve some of the most challenging technical problems in a fast-paced environment supporting national security.  Your role on our team will be to apply advanced reverse engineering (RE), cryptanalysis (CA), and vulnerability exploitation (VE) skills to support a variety of defensive and offensive cyber requirements.  

Responsibilities will include the following:

• Implement capabilities through RE and CA for the purpose of identifying vulnerabilities and determining if they are exploitable
• Apply knowledge and skills pertaining to RE, CA, to develop simulations for complicated encryption products
• Prepare short presentations summarizing research findings
• Collaborate with external and technical operational teams
• Shape CA requirements to meet operational goals 
• Synthesize creative solutions from technical and operational information 
• Identify, collaborate, and communicate operational requirements that enhance CA 
• Perform vulnerability assessments of secure technologies to analyze whether protected or inaccessible information is recoverable
• Research exploitation techniques to recover passwords and/or plain text information from encrypted communications 
• Using tools and techniques developed for data recovery, provide technical assistance in support of customer-directed requirements
• Analyze applications and platforms to determine if passwords can be recovered
• Identify opportunities to enhance existing processes/effecting changes

Required Skills:

The Vulnerability Research Engineer must possess five (5) or more years of experience in the field of vulnerability research, and be capable of working in all the following areas:

• C/C++, Python programming in contemporary Windows and Linux/Unix software development environments
• Knowledge of Windows and Linux System API and ABI
• Understanding of static and dynamic software analysis tools and techniques
• Experience using tools such as Wireshark, IDA Pro, Kali Linux, Ollydbg, Ghidra, Windbg, Protocol Analyzers, Metasploit Framework, and signals analysis/capture  
• Experience in reverse engineering Windows applications and Windows kernel modules
• Experience with software development, including reading assembly code
• Implementing cryptographic algorithms
• Windows device driver development

Desired Skills:

• Experience with network protocol analysis, static and dynamic malware analysis (iOS and Android) is preferred
• Knowledge of software engineering focusing on workflow automation of existing tools and products
• Proficiency in identifying discreet complex communications technologies that support investigative techniques
• Vulnerability Exploitation (VE) capabilities – understanding collaboration between vulnerability analysis concepts and computational resource requirements
• Experience participating in Capture the Flag (CTF) and/or software hacking competitions
• Experience debugging embedded systems
• Experience with ARM / MIPS / PPC assembly languages
• Possess strong written/oral communications skills and interact with all levels of Government personnel

Education Requirement:  Candidate must hold a B.S. or B.A. degree in a technical discipline (for example: engineering, mathematics, or computer science)

Clearance Requirement:  Active TS Clearance is required