Reverse Engineer / Vulnerability Researcher
Job Description
Do you want to lead the way in processes, techniques, tools, tactics, and technology supporting Offensive Cyber Operations?
Are you skilled in Reverse Engineering or Vulnerability Research?
Desired skills
Experience in any of the areas below:
Interest in Offensive Cyber and/or hacking demonstrated through experience, certifications, or personal projects.
Experience developing in C, C++, or Objective-C.
Scripting language experience (Python, Ruby, etc.).
Assembly language experience (x86-64, ARM, MIPS, PowerPC, etc.).
Demonstrated understanding of common IP network principles (IP addressing, subnetting, routing, NAT, VLANs, etc.).
Experience with reverse engineering tools and debuggers (IDA Pro, Ghidra, Binary Ninja, etc.).
Experience with virtualization and emulation tools (VMware, KVM, QEMU, etc.).
Strong communication skills specifically working with technical audiences (verbal and written).
Demonstrated knowledge of internals for any major operating system including Windows, Linux, macOS, Android, iOS, and any real-time operating system.
Experience performing low-level development (e.g., C and/or assembly) for any major operating system.
Experience developing proof-of-concept exploits to include CVEs.
Experience with firmware dumping (SPI flash, JTAG, SWD, UART, etc.).
Demonstrated understanding of basic cryptography and current cryptographic protocols.
Experience in any of the following developer tools:
- Project Collaboration Tools (Atlassian Jira, Confluence, etc.)
- Development build tools (GNU Make, cross-compilers, etc.)
- Software configuration management (Git, Subversion, etc.)
- Automated test and CI/CD systems (Atlassian Bamboo, Jenkins, etc.)
- Virtualized environments (VMware, Hyper-V, KVM, etc.)
Experience in multiple security tools and techniques:
- Reverse engineering tools (IDA Pro, Ghidra, Binary Ninja, etc.)
- Dynamic analysis tools and emulation (gdb, QEMU, etc.)
- Protocol analysis tools (Wireshark, etc.)
- RF test equipment (SDRs, spectrum analyzers, etc.)
- Electronics test equipment (e.g., oscilloscopes, logic/bus analyzers, JTAG, traffic generators, etc.)
- Glitching (Clock, Power, Thermal, etc.)
Experience with one or more communications and network protocols such as:
- Data exchange formats (JSON, XML, etc.)
- Data transfer protocols (FTP, TFTP, HTTP(S), MQTT, WebSocket, etc.)
- Network service protocols (DHCP, DNS, SNMP, etc.)
- Wireless technologies (Wi-Fi, Bluetooth, cellular networking, ZigBee, LoRaWAN, etc.)
- Tunneling protocols (IPsec, OpenVPN, Tor, etc.)
- Media protocols (SIP, VoIP, HTML5 audio/video, etc.)
Experience with one or more hardware protocols such as:
- Hardware bus protocols (SPI, I2C, USB, PCI Express, Thunderbolt, etc.)
- ICS/SCADA bus protocols (Modbus, PROFIBUS, PROFINET, etc.)
- Vehicular CAN bus