Allied Associates International

Senior Vulnerability Research Engineer (TS Clearance)

Job Locations US-VA-Gainesville | US-VA-Dulles | US-VA-Chantilly
Posted Date 3 months ago(4/13/2022 2:08 PM)
ID
2022-1297
# of Openings
1
Category
Engineering

Overview

A2I is seeking a self-motivated Senior Vulnerability Research Engineer who is ready to solve some of the most challenging technical problems in a fast-paced environment supporting national security.  Your role on our team will be to apply advanced reverse engineering (RE), cryptanalysis (CA), and vulnerability exploitation (VE) skills to support a variety of defensive and offensive cyber requirements.  As a senior member of our team, you will be expected to perform your work with minimal guidance and oversight and have the opportunity to mentor junior personnel.  

Responsibilities

Responsibilities

  • Implement capabilities through RE and CA for the purpose of identifying vulnerabilities and determining if they are exploitable
  • Apply knowledge and skills pertaining to RE, CA, to develop simulations for complicated encryption products
  • Manage customer expectations by implementing proactive feedback mechanisms
  • Prepare short presentations summarizing research findings
  • Collaborate with external and technical operational teams
  • Shape CA requirements to meet operational goals 
  • Synthesize creative solutions from technical and operational information 
  • Identify, collaborate and communicate operational requirements that enhance CA 
  • Perform vulnerability assessments of secure technologies to analyze whether protected or inaccessible information is recoverable
  • R&D exploitation techniques to recover passwords and/or plain text information from encrypted communications. 
  • Using tools and techniques developed for data recovery, provide technical assistance in support of customer-directed requirements
  • Analyze applications and platforms to determine if passwords can be recovered
  • Identify opportunities to enhance existing processes/effecting changes

Qualifications

Required Skills (must be experienced in all):

  • C/C++, Python programming in contemporary Windows and Linux/Unix software development environments
  • Knowledge of Windows and Linux System API and ABI
  • Understanding of static and dynamic software analysis tools and techniques
  • 5+ years of experience with functional testing
  • Experience with analyzing malicious code exemplars
  • Experience using tools such as Wireshark, IDA Pro, Kali Linux, Ollydbg, Ghidra, Windbg, Protocol Analyzers, Metasploit Framework, and signals analysis/capture  
  • Experience in reverse engineering Windows applications and Windows kernel modules
  • Experience with software development, including reading assembly code
  • Implementing cryptographic algorithms
  • Windows device driver development
  • Possess strong written/oral communications skills and interact with all levels of Government personnel

 Desired Skills:

  • Experience with network protocol analysis, static and dynamic malware analysis (iOS and Android) is preferred.
  • Knowledge of software engineering focusing on workflow automation of existing tools and products.
  • Proficiency in identifying discreet complex communications technologies that support investigative techniques.
  • Vulnerability Exploitation (VE) capabilities – understanding collaboration between vulnerability analysis concepts and computational resource requirements.
  • Experience debugging embedded systems
  • Experience with ARM / MIPS / PPC assembly languages
  • Experience participating in Capture the Flag (CTF) and/or software hacking competitions

Education Requirement:  Candidate must hold a Bachelor's of Science (B.S.) or Bachelor's of Arts (B.A.) degree in a technical discipline (for example: engineering, mathematics, or computer science). 

 

Clearance Requirement:  Active TS Clearance is required.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed