Software Reverse Engineer – Job Order 2771

Location: Red Bank, NJ
US citizenship required.

My client, a company of over 10,000 employees, works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets.

We seek a full-time engineer/researcher with skills in software/firmware reverse engineering to conduct vulnerability assessment and research on commercial and government projects as part of our Applied Cyber Security Department. The candidate will be conduct research and security assessment on embedded controllers, industrial control systems, wireless radios and set top boxes. The candidate will evaluate controller hardware, determine how to access debug interfaces, retrieve, analyze and disassemble firmware and software. The candidate will reverse engineer firmware and software to identify device bootloader, firmware checks, and various code functions for file operations, network I/O and device commands. The candidate will develop and enhance custom tools and plug-ins for commercial software to search for code vulnerabilities and code behaviors of interest. The candidate will also develop debugging tools, custom scripts and capabilities to patch devices without source code. Candidate should have a working knowledge of:

Common commercially-available and open source code disassembly and debugging tools such as IDA Pro, Hopper, binwalk, GNU debugger, etc.
Circuit board debug interfaces, such as JTAG, BDI, SWD
Assembly programming and low level organization of memory and code
Embedded system design and programming
Linux environments
The following skills and experience are preferred:

Python, C/C++, and JAVA programming
ColdFire/68000, ARM and x86 processor instruction sets
Experience with Real-Time Embedded Operating Systems, such as ThreadX, uCOS, QNX, VxWorks
Linux kernel knowledge
Ability to learn new processor instruction sets and programming languages as required.
Requires 8 to 10 years with BS/BA or 6 to 8 years with MS/MA or 3 to 5 years with PhD.

The candidate should demonstrate good problem solving skills, be able to methodically create and test hypotheses, work independently, contribute to a team, think innovatively and be enthusiastic to conduct research and develop tools that advance the state of the art in cybersecurity. Candidate will also have the opportunity to develop cybersecurity skills in penetration testing of web applications, networks, and wireless technologies. Our research facilities are in Red Bank and Basking Ridge, NJ and Chantilly, VA. Remote work is an option.

Minimum Qualifications:

Bachelor’s in Computer Science/Electrical Engineering
Strong oral and written communications skills.
US Citizen.
Desired Qualifications:

Master/s or PhD in Computer Science/Electrical Engineering
CISSP certified
Eligible for Government security clearance.

Submit resume