Listing Description
You will work with a range of clients from the country’s largest ISPs to critical infrastructure providers to innovative tech startups. You will become a trusted advisor while learning and performing valuable technical and industry skills. This role is technical at its core – with a strong focus on in-depth reverse engineering, exploit development, as well as the development of tools to aid in the reverse engineering process.
Since we are a small team, you will not be lost in the shuffle. You will be a key player in a fast paced team, owning your own projects and developing client relationships. You will have access to top experts in the field with experience across a range of domains and will have numerous opportunities to define your work.
Job Responsibilities & Duties
- Unpack and analyze primarily embedded device firmware, ranging from bare metal code to embedded linux systems
- Work with the pentesting team to identify attack surfaces on a device
- Reverse engineer binaries and services, or review source code, to identify vulnerabilities and write PoCs where applicable
- Work with clients to remediate vulnerabilities and harden their product
- Thoroughly assess all attack surfaces on a device including network-reachable services and hardware interfaces (UART, USB, JTAG, etc.)
Qualifications & Skills- Required:
- Strong familiarity with common bug classes, bad practices, and exploit/PoC development
- Experience with common disassemblers/decompilers and reverse engineering tools (IDA, Ghidra, Binary Ninja)
- Experience with software reverse engineering concepts: static analysis, dynamic analysis, fuzzing techniques
- Bachelor’s (or higher) degree in computer science, engineering, or a related field (solid knowledge in RE or VR may substitute for a specific degree)
- Expert command of low-level programming languages (C and at least one assembly language), scripting languages (e.g., Python), and the *nix command line
Nice to have, but not expected:
- Experience in a client-facing technical role
- Familiarity with Binary Ninja API or Ghidra scripting
- Familiarity building or securing embedded devices and other digital systems
- Familiarity with embedded binary reverse engineering (ARM, RTOS, etc.)
- Familiarity with basic cryptography design and implementation concepts
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided