Listing Description

STR is hiring a Software Vulnerability Researcher to be part of a multidisciplinary team developing cutting-edge technology with significant and immediate impact on our national security. This role offers an excellent opportunity to work at the nexus of software and real-world physical systems.

Possible activities include emulating complex software in virtual environments, reverse engineering systems and software, and performing static and dynamic vulnerability analysis. Ideal candidates will identify bottlenecks and develop their own solution to overcome them. Experience with sound software engineering principles is valuable.

Duties will include:

• Reverse engineering and characterizing software and firmware


• Developing custom emulation solutions to enable dynamic analysis


• Identifying software vulnerabilities, and developing tools to assist in this process


• Communicating results to other employees and our customers

Requirements:

• U.S. Citizen with the ability to obtain a Top Security (TS) Clearance


• BS, MS, or PhD in computer science, computer engineering, electrical engineering, physics, mathematics, or related field


• Proficient in either C or C++, and familiarity with Python


• Experience with software reverse engineering tools (Ghidra, IDA Pro, Binary Ninja)


• Have a general understanding of one of more low-level assembly languages (x86, ARM, MIPS)

Desired Skills:

• Familiarity with the concepts of reverse engineering, binary emulation, and vulnerability research, including tools such as Ghidra, QEMU, and AFL++.