Mid-Level Vulnerability Researcher

Location: Huntsville, AL (35801)
Company: Battelle
Industry: IT
Job Type: Full Time
Posted: Today

Battelle delivers when others can't. We conduct research and development, manage national laboratories, design and manufacture products and deliver critical services for our clients-whether they are a multi-national corporation, a small start-up or a government agency.

We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.

JOB SUMMARY

Battelle is currently seeking a Mid-Level Vulnerability Researcher to work in our Huntsville, AL location.

Do you have a passion for understanding how things work, and ultimately, how they break? Do you enjoy working with discovering vulnerabilities and debugging programs with tools like gdb or QIRA? Does creating automated, scalable, and reverse engineering tools and pipelines excite you? If you answered yes to these questions, this is the job for you!

In this role, you will work with disassemblers and debuggers to quickly understand how embedded devices operate. You will use and build vulnerability research tools that push past the edge of current tools and techniques. In a given, day you will research and debug an embedded device while getting the chance to bounce ideas off of a close-knit team of researchers. You will get to write tools that fuzz, concolically analyze, or process these devices. We have the tools and the mentors you will need to take yourself to the next level and who are eager to learn from your experience.

MAJOR RESPONSIBILITIES

  • Collaborate with the team members to develop software systems that aid in data analytics, network-based applications, reverse engineering tasks, embedded system development, and integration of hardware.
  • Identifies and articulates strengths and weaknesses of solutions, conclusions, and problem approaches during technical discussions.
  • Demonstrates awareness of deliverables and their role within the project plan. Identifies and executes steps necessary to complete less structured assignments with limited guidance from SMEs.
  • Works with internal and external stakeholders to prepare and present technical content tailored to the client's mission. Leads technical discussions, demonstrating command of the technology and adequately fielding questions which arise.
  • Contribute to Internal Research and Development (IRAD) studies and may lead small IRAD tasks.
  • Seeks out technical experts for collaboration and facilitates technical discussions with lower-level staff.
  • Demonstrates understanding of business product offerings and contributes to marketing/business development by providing technical expertise during marketing engagements as well as supporting business development efforts led by others.
  • Forms technical approach and generates technical volumes for small proposals with minimal guidance and leads Work Breakdown Structure (WBS) creation and labor estimates.

THE FOLLOWING IS REQUIRED

  • Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, or related field of study with 5 years of experience; Master's degree in related field with 2 years of experience; PhD in a related field; or an equivalent combination of education and experience
  • Develop software to run in user-mode or kernel-mode
  • Ability to code in C or C+
  • Ability to use a scripting language (Python, Perl, Ruby, etc.)
  • Experience with PC and embedded systems architecture to include boot processes and OS internals
  • Experience with a disassembler for vulnerability research (IDA Pro, BinaryNinja, etc.)
  • Understand network protocols
  • Experience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)
  • Experience with one or more debuggers (WinDbg, OllyDbg, gdb, etc.)
  • Experience with vulnerability research on one or more operating systems: Android, iOS, Windows, Linux, MacOS, VxWorks, QNX, RTOSs, or other custom operating systems
  • Ability to demonstrate good organization, communication, problem-solving, and teamwork skills
  • Knowledge of common mitigation techniques (DEP, ASLR, etc.)
  • Familiarity with fuzzers
  • Must be a sole US citizen

THE FOLLOWING IS DESIRED

  • Participation in CTFs
  • Ability to analyze assembly-level code on multiple platforms (x86, x64, ARM, MIPS, PowerPC, etc.)
  • Experience with symbolic analysis
  • Ability to analyze network protocols throughout all layers of the network stack
  • Background in software engineering and architecture
  • Active Top Secret security clearance

SOME OF THE EXTRAS THAT MAKE WORKING HERE GREAT

  • Learn (tuition assistance, paid training) and teach (get published, speak at a conference)
  • Software and Intellectual Property development royalty sharing
  • Mentorship and learning culture
  • Internally funded and guided research projects with large amounts of individual autonomy

WORK ENVIRONMENT:

Battelle has been trusted by elite government clients to solve some of the world's hardest security problems. We work in small agile teams to push the bounds of computing technology. Our high-powered labs include specialized software and hardware, so our engineers have everything they need to invent new Cyber solutions.

Our team is casual putting results over formality. Team members can work flexible hours, and Battelle maintains a 9/80 schedule meaning employees have a chance to take every other Friday off.

We encourage new ideas with our large Independent Research and Development (IRAD) program where engineers work on projects they are passionate about. Inventors and innovators are rewarded by our industry leading IP compensation program. Our group works collaboratively with many parts of Battelle's larger organization on projects ranging from genomics to robotics.

LEGAL DISCLAIMER

The above statements are intended to describe the nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, activities and skills required of staff members. No statement herein is intended to imply any authorities to commit Battelle unless special written permission is granted by Battelle's Legal Department.

Battelle Benefits

Battelle's benefits program supports employees so they can be at their best at home and at work. It's a comprehensive package including:

  • A benefits concierge service to help you understand and use your benefits
  • Paid parental leave and family formation support
  • A holistic wellness community and employee assistance program offering physical, mental, financial, legal and family support

COVID-19 Vaccine

In compliance with President Biden's Executive Order 14042 and the Safer Federal Workforce Task Force COVID-19 Workplace Safety: Guidance for Federal Contractors and Subcontractors, Battelle requires all employees to be fully vaccinated against COVID-19 as a condition of employment and continued employment and to provide documentation that they are fully vaccinated. Battelle will provide reasonable accommodations based on a qualified disability or medical condition through the Americans with Disabilities Act or the Rehabilitation Act or for a sincerely held religious belief under Title VII of the Civil Rights Act of 1964 (and related state laws).

Battelle is an affirmative action and equal opportunity employer. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact recruiting@battelle.org.

Battelle is an equal opportunity employer. We provide employment and opportunities for advancement, compensation, training, and growth according to individual merit, without regard to race, color, religion, sex (including pregnancy), national origin, sexual orientation, gender identity or expression, marital status, age, genetic information, disability, veteran-status veteran or military status, or any other characteristic protected under applicable Federal, state, or local law. Our goal is for each staff member to have the opportunity to grow to the limits of their abilities and to achieve personal and organizational objectives. We will support positive programs for equal treatment of all staff and full utilization of all qualified employees at all levels within Battelle.



Web Reference : AJF/417225934-202
Posted Date : Sat, 01 Oct 2022

Please note, to apply for this position you will complete an application form on another website provided by or on behalf of Battelle. Any external website and application process is not under the control or responsibility of IT JobServe

Search for more IT Jobs