Two Six Technologies is seeking a Reverse Engineer & Vulnerability Researcher to support our growing team in Arlington, Virgina. You will work with a range of clients supporting national security missions. You will become a trusted advisor while learning and performing valuable technical and industry skills. This role is technical at its core – along with in-depth reverse engineering and exploit development you will transition those findings into capabilities.
Job Responsibilities & Duties
- Given the technical nature of this role, experience in computer science, computer engineering, or a similar field is required. Significant proven experience in reverse engineering (RE) or vulnerability research (VR) can show your fit even if your background is outside of one of these fields.
- You should be comfortable taking on complex technical problems for which there is often no known answer.
- You should be comfortable with ambiguity and forging your own path; our small team setting will provide you opportunity for outsized impact.
- While you will receive extensive training, mentorship, and coaching, you must be comfortable executing against goals independently since there’s no playbook for breaking unique complex systems.
Qualifications & Skills- Required:
- Bachelor’s (or higher) degree in computer science, engineering, or a related field (solid knowledge in RE or VR may substitute for a specific degree)
- Minimum 3 years of experience with software/firmware development using low-level programming languages (C and at least one assembly language), scripting languages (e.g., Python), and the *nix command line
- Strong familiarity with cybersecurity principles and a strong interest in learning more
- Minimum 3 years of experience with common disassemblers/decompilers and reverse engineering tools (IDA, Ghidra, Binary Ninja)
- Experience with software reverse engineering concepts: static analysis, dynamic analysis, fuzzing techniques
- Experience performing vulnerability research, including attack surface triage, finding vulnerabilities, and developing proofs of concept to demonstrate security impact
- Active US Security clearance of Secret level and ability to obtain and maintain TS.
Nice to have, but not expected:
- Familiarity with Binary Ninja API or Ghidra scripting
- Familiarity building or securing embedded devices and other digital systems
- Familiarity with embedded binary reverse engineering (ARM, RTOS, etc.)
- Familiarity with basic cryptography design and implementation concepts
- Familiarity with Hardware and embedded devices
- Experience in a client-facing technical role
- An active Top Secret DoD or IC security clearance
- Active Secret clearance
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided