Hi, we got a new job opening for Cyber Vulnerability Researcher (Top Secret) in Geologics Corporation
Details :
Company : Geologics Corporation
Location : Palm Bay, FL
position : Cyber Vulnerability Researcher (Top Secret)
Description :
Cybersecurity Vulnerability Researcher
TS/SCI Clearance Required
$65-$97 per hour*
Palm Bay, FL
Palm Bay Florida is part of the Space Coast of Florida with moderate weather and reasonable cost of living within an hour and half from Orlando or West Palm Beach area. Come watch a Rocket Launch on the Engineering Coast of Florida.
GeoLogics is working onsite with a State of the Art team that covers the full life cycle of Vulnerability Research from reverse engineering and emulation, through vulnerability discovery, to production and effects generation. This team also covers a wide range of targets, anything from major consumer electronics to custom proprietary one/off systems. If it runs code, we have either already looked at it or will soon. This Reverse Engineer role utilizes both Penetration Testing and Offensive Security Methods.
Key areas of focus include:
Hardware debugging using JTAG/gdb
Knowledge on typical embedded systems including UART, boot-up sequences, and updating devices
Reverse Engineering ARM, PPC, or Mips binaries
Discovering Vulnerabilities in firmware, device drivers, or in proprietary embedded operating systems
Repurposing vulnerabilities for specific effects
Static and dynamic Analysis
Fuzzer Development
Malware analysis
System Emulation
Requirements:
Familiarity with at least one common low-level architecture (x86, ARM, etc) is important, as is the ability to conduct vulnerability research against applications compiled for that architecture.
Experience with software protection and binary armoring is a plus, and familiarity with modern exploit mitigation techniques and counter-measures is a must.
Over 4 year of experience with one of the four platforms Windows, Linux, iOS, embedded: specific platform: Windows Preferred
Python, ruby, or some other scripting language development within a reverse engineering and vulnerability research efforts.
Variety of low-level operating systems experience as well as cross-platform vulnerability research.
If you’ve written everything from a kernel paged pool exploit to a simple userland stack-based buffer overflow, built your own adaptable instrumentation
integrated a solver to help your identify and reach code, or modified emulators and JIT engines to add your own instrumentation to help you identify entire classes of vulnerabilities, you’ll be right at home.
Desired Skills and Education:
Development experience is desired
Bachelor’s Degree Preferred
Candidates must be able to defeat advanced security techniques.
Working as part of a team you will also need to be familiar with source management tools such as GIT and Ansible, Docker, Jira, Confluence
+ Privilege Levels: Bootchain, Kernelmode, LPE, RCE, Sandbox Escape, TrustZone, Usermode
+ Reverse Engineering Tools: ApkTool, Binary Ninja, BinDiff, Binwalk, Dex2Jar, Diaphora, GDB, Ghidra, JTAG, Hex-rays IDA +
Experience with Fuzzing: AFL, AFL++, AFLSmart, QEMU, Unicorn
Amy Cody-Quinn
acquinn@geologics.com
Applicants selected will be subject to background and security investigation and will need to meet eligibility requirements for access to classified information.
Rates listed are not a guarantee of salary/rate. Rate offered at time of hire will depend on many factors including education, experience, interview results and skill level
NOTE: US Citizenship is required. We cannot work with outside agencies of any kind in filling this long term W2 hourly contract opportunity
GeoLogics is an Equal Opportunity/Affirmative Action Employer that is committed to hiring a diverse and talented workforce. EOE/Disability/Veteran