Listing Description

Two Six Technologies is seeking a Principal Vulnerability Researcher to support our growing team in Albuquerque, New Mexico. You will work with a range of clients supporting national security missions. You will become a trusted advisor while learning and performing valuable technical and industry skills. This role is technical at its core – along with in-depth reverse engineering and exploit development you will transition those findings into capabilities.

Job Responsibilities & Duties

• Given the technical nature of this role, experience in computer science, computer engineering, or a similar field is required. Significant proven experience in reverse engineering (RE) or vulnerability research (VR) can show your fit even if your background is outside of one of these fields.


• You should be comfortable taking on complex technical problems for which there is often no known answer.


• You should be comfortable with ambiguity and forging your own path; our small team setting will provide you opportunity for outsized impact.


• While you will receive extensive training, mentorship, and coaching, you must be comfortable executing against goals independently since there’s no playbook for breaking unique complex systems.

Qualifications & Skills- Required:

• Bachelor’s (or higher) degree in computer science, engineering, or a related field (solid knowledge in RE or VR may substitute for a specific degree)


• Minimum 9 years of experience with software/firmware development using low-level programming languages (C and at least one assembly language), scripting languages (e.g., Python), and the *nix command line


• Strong familiarity with cybersecurity principles and a strong interest in learning more


• Minimum 5 years of experience with common disassemblers/decompilers and reverse engineering tools (IDA, Ghidra, Binary Ninja)


• Experience with software reverse engineering concepts: static analysis, dynamic analysis, fuzzing techniques


• Experience performing vulnerability research, including attack surface triage, finding vulnerabilities, and developing proofs of concept to demonstrate security impact


• Active US Security clearance of Top Secret level and ability to obtain and maintain SCI


• Must be eligible/willing to obtain a Polygraph clearance
  
  

Nice to have, but not expected:

• Familiarity with Binary Ninja API or Ghidra scripting


• Familiarity building or securing embedded devices and other digital systems


• Familiarity with embedded binary reverse engineering (ARM, RTOS, etc.)


• Familiarity with basic cryptography design and implementation concepts


• Familiarity with Hardware and embedded devices


• Experience in a client-facing technical role


• An active Top Secret DoD or IC security clearance

Clearance Requirements:

• Active US Security clearance of Top Secret level and ability to obtain and maintain SCI


• Must be eligible/willing to obtain a Polygraph clearance

#LI-ZS1

#LI-ONSITE