Senior Vulnerability Researcher
Description:
divh2Senior Vulnerability Researcher/h2pBattelle is currently seeking an aspiring Senior Vulnerability Researcher to work in our Columbus, OH location.
Do you have a passion for understanding how things work, and ultimately, how they break?
Do you enjoy working with discovering vulnerabilities and debugging programs with tools like gdb or QIRA?
Does creating automated, scalable and reverse engineering tools and pipelines excite you?
If you answered yes to these questions, this is the job for you!
As a Senior Vulnerability Researcher, you will work with disassemblers and debuggers to quickly understand how embedded devices operate.
You will use and build tools that push past the edge of current tools and techniques.
In a given day you will research and debug an embedded device while getting the chance to bounce ideas off of a close-knit team of researchers.
We have the tools and the mentors you will need to take yourself to the next level and who are eager to learn from your experience./ppFrom Silicon to Systems - We are an elite, multi-disciplinary team, bringing together the brightest minds from physics, computer science, electrical engineering, and mathematics to develop unique embedded security solutions for government and industrial customers.
Battelle has been trusted by elite government clients to solve some of the worlds hardest security problems.
We work in small agile teams to push the bounds of computing technology.
Our high-powered labs include specialized software and hardware, so our engineers have everything they need to invent new Cyber solutions.
We encourage new ideas with our large Internal Research and Development (IRAD) program where engineers work on projects they are passionate about.
Inventors and innovators are rewarded by our industry-leading IP compensation program.
Our group works collaboratively with many parts of Battelles larger organization on projects ranging from genomics to robotics./ppKey Qualifications:/pulliBachelors degree in Computer Science, Computer Engineering, Electrical Engineering, or related field of study with 8 years of experience; Masters degree in related field with 5 years of experience; PhD in a related field with 2 years of experience; or an equivalent combination of education and experience/liliDevelop software to run in user-mode or kernel-mode/liliStrong understanding in reading assembly language and using debugging tools/liliExperience with a disassembler for vulnerability research (Ghidra, IDA Pro, BinaryNinja)/liliExperience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)/liliExperience with one or more debuggers (WinDbg, OllyDbg, gdb)/liliExperience with vulnerability research on one or more operating systems: Android, iOS, Windows, Linux, MacOS, VxWorks, QNX, RTOSs, or other custom operating systems/liliKnowledge of advanced exploitation techniques (ret2libc,use-after-free,type confusion)/liliKnowledge of exploit protection techniques (DEP, ASLR/NX)/liliAbility to code in C/liliUnderstanding of network protocols/liliAbility to work individually and in small fast paced team environments/liliPassion and drive to constantly need to improve your skill set/liliMust Be a US Citizen with the ability and willingness to obtain a Secret or higher clearance/li/ulpPreferred Qualifications:/pulliExperience using fuzzing tools such as AFL or Peach/liliConcolic analysis research and implementation/liliExperience emulating embedded platforms for live debugging/liliExperience with microcontrollers/liliExperience with symbolic analysis/liliActive Secret security clearance/li/ulpSome of the extras that make working here great:/pulliLearn (tuition assistance, paid training) and teach (get published, speak at a conference)/liliSoftware and Intellectual Property development royalty sharing/liliMentorship and learning culture/liliInternally funded and guided research projects with large amounts of individual autonomy/li/ulpBenefits: Live an Extraordinary Life/pulliBalance life through a compressed work schedule/liliEnjoy enhanced work flexibility, including a hybrid arrangement/liliTake time to recharge/liliPrioritize wellness/liliBetter together/liliBuild your financial future/liliAdvance your education/li/ulpA Work Environment Where You Succeed/pulliApply your talent to challenging and meaningful projects/liliReceive select funding to pursue ideas in scientific and technological discovery/liliPartner with world-class experts in a collaborative environment/liliNurture and develop the next generation of scientific leaders/liliGive back to and improve our communities/li/ulpVaccinations Safety Protocols/ppBattelle may require employees, based on job duties, work location, and/or its clients requirements to follow certain safety protocols and to be vaccinated against a variety of viruses, bacteria, and diseases as a condition of employment and continued employment and to provide documentation that they are fully vaccinated.
If applicable, Battelle will provide reasonable accommodations based on a qualified disability or medical condition through the Americans with Disabilities Act or the Rehabilitation Act or for a sincerely held religious belief under Title VII of the Civil Rights Act of 1964 (and related state laws). Battelle is an equal opportunity employer.
We provide employment and opportunities for advancement, compensation, training, and growth according to individual merit, without regard to race, color, religion, sex (including pregnancy), national origin, sexual orientation, gender identity or expression, marital status, age, genetic information, disability, veteran-status veteran or military status, or any other characteristic protected under applicable Federal, state, or local law.
Our goal is for each staff member to have the opportunity to grow to the limits of their abilities and to achieve personal and organizational objectives.
We will support positive programs for equal treatment of all staff and full utilization of all qualified employees at all levels within Battelle.
The above statements are intended to describe the nature and level of work being performed by people assigned to this job.
They are not intended to be an exhaustive list of all responsibilities, activities and skills required of staff members.
No statement herein is intended to imply any authorities to commit Battelle unless special written permission is granted by Battelles Legal Department./p/div