Vulnerability Researcher 1 - $236k/yr TS/SCI FS-Poly with Security Clearance

---

Job description

Candidates must already possess an active Top Secret/SCI w. Full Scope Polygraph to be considered for this position. Apply in 60 seconds at Summary: Conduct reverse engineering analysis on software and hardware components. Identify and exploit vulnerabilities in systems. Develop tools and techniques to enhance reverse engineering capabilities. Vulnerability Researcher 1 requires having found at least one significant 0-day in the last year. Qualifications: Experience programming in Assembly, C, C#, C++, Perl, or Python with an understanding of system interactions with these libraries vs. production-style environments. Use of Unix/Windows system APIs. Understanding of virtual function tables in C++. Heap allocation strategies and protections. Experience with very large software projects. Kernel programming experience (WDK / Unix Linux) is a significant plus. Hardware/software reverse engineering experience, including the use of tools (e.g., IDA Pro, Ghidra, Binary Ninja) to identify abstract concepts about the code flow of an application. For hardware reverse engineering, candidates expected to have performed analysis of embedded devices, focusing primarily on identifying the software stack and points of entry to the hardware (e.g., not interested in FPGA reverse engineering, or other circuit reverse engineering). Candidates who can merge low-level knowledge about compilation of C/C++ code with a nuanced understanding of system design to identify and exploit common vulnerability patterns. Candidates should be comfortable with, at a minimum, user-mode stack-based buffer overflows, and heap-based exploitation strategies. Job Description: Conduct in-depth analysis of software and hardware components to identify vulnerabilities and potential security risks. Develop and implement reverse engineering techniques to gain a deep understanding of system behavior. Identify and exploit common vulnerability patterns, such as buffer overflows and heap-based vulnerabilities. Create tools and scripts to automate reverse engineering tasks and improve efficiency. Collaborate with other security professionals to share knowledge and expertise. Stay updated on the latest security trends and techniques. About SYSTOLIC: SYSTOLIC is dedicated to giving our employees the best possible company experience so that they can focus on providing outstanding support to their customer's mission. Our company is founded on integrity, enthusiasm, and a relentless commitment to supporting the Intelligence Community. WHAT WE DO We capture a massive amount of cleared engineering work and provide our employees with abundant job choices We pay our employees top dollar for the work they select We operate a fair, flexible, a la carte benefits model so that each employee can customize their compensation to fit their needs We enthusiastically support our employees who wish to explore new work opportunities within SYSTOLIC We generously reward our employees who contribute to company growth by bringing in new hires and contracts WHAT WE AVOID We don't deviate from our model of providing highly-skilled subcontractor support We don't push our employees toward contract choices that maximize profit at the expense of employee happiness We don't delay employee compensation as a retention tactic We don't waste money that could be better allocated to employee pay We don't force our employees to work undesirable hours or huge workloads We don't sell our company WE ARE AN AWESOME FIT FOR YOU IF You're not feeling the love at your current job, and your company hasn't shown you any better options You're bummed that your company just got acquired by a giant corporation or investment group You're frustrated that your company doesn't care about your career goals and professional interests You're tired of waiting for your stock options to vest or your bonus to get paid out You're sick of arguing with your boss each year about your annual pay raise You're annoyed that your company cannot accommodate your schedule and location preferences and your only option to get better work is to move to a different company You're disappointed that you don't receive fair compensation for bringing new employees or contracts to your company

<!– job description page –>