L3Harris TechnologiesRemote
Lead Security Research Engineer
Michigan, United States of America
Full Time
2 weeks ago
$97,500 - $207,500 USD
Visa Sponsor
Key skills
AndroidiOSLinuxPythonSwiftC++CMentoring
About this role
Role Overview
- Finding vulnerabilities in ubiquitous Internet-deployed software and/or popular devices’ software or firmware
- Constructing exploits for vulnerabilities discovered by the company
- Research & development on security technologies in such fields as exploitation, bug-finding, reverse engineering and static analysis
- Working with and for officers, employees or contractors of the company
- Training, management and provision of guidance to junior staff
- Regular interaction with managers, clients, vendors, and customers to field queries and questions
- Take an active role in cross-team projects when needed
- Ability to obtain and maintain security clearance
Requirements
- Bachelor’s Degree and minimum 9 years of prior relevant experience
- Graduate Degree and a minimum of 7 years of prior related experience
- In lieu of a degree, minimum of 13 years of prior related experience
- 5+ years of Vulnerability Research, reverse engineering, and bug-hunting
- Experience with static and dynamic binary analysis
- Experience with iOS, Android, Windows, Linux, or embedded systems kernel, user land, and internals or browser internals
- Experience with common tools in security research (e.g. IdaPro, Ghidra, Radare, Binary Ninja, AFL, SysInternals, GDB, WinDBG, etc)
- Experience with common programming languages (e.g. C/C++, Python, Swift, etc)
- Experience with common architectures (e.g. x86/64, ARM, AARCH64, MIPS, PowerPC, TILEGX, etc)
- Experience with modern security system features, exploit mitigations, and evasion techniques (e.g. defeating ASLR, DEP, Control Flow Guard, ROP, Security Product/AV Evasion, etc)
- Experience with a wide-range of modern exploitation concepts and techniques
- Service in the US Intelligence Community or US Military working in cyber operations
- Experience with Computer Network Operations / Computer Network Exploitation
- Experience with symbolic execution and emulation software (e.g. QEMU, Corellium, VHDL, etc)
- Cryptographic experience (e.g. side-channel attacks, implementing AES, etc)
- Experience teaching and mentoring junior vulnerability researchers
- Bespoke fuzzer development experience
Tech Stack
- Android
- iOS
- Linux
- Python
- Swift
Benefits
- health and disability insurance
- 401(k) match
- flexible spending accounts
- EAP
- education assistance
- parental leave
- paid time off
- company-paid holidays