Senior Vulnerability Researcher (Cyber212)

Posted 9 Days Ago
Be an Early Applicant
San Antonio, TX
5-7 Years Experience
Security • Cybersecurity
The Role
As a Senior Vulnerability Researcher, you will analyze and identify vulnerabilities across various architectures, conduct reverse engineering, and develop features for undocumented interfaces while collaborating with a mentorship program. You will engage with customer needs and implement security measures to enhance the organization's offerings.
Summary Generated by Built In

Research Innovations, Inc. (RII) is breaking through the big, slow, status quo with transformative technology that fundamentally changes and improves the world. We develop cutting-edge software for all levels of the government and military. Using agile development practices and user-centered design, we create innovative software solutions for complex real-world problems.


We are seeking a dedicated Vulnerability Researcher to join our Cyber Security team. As a Vulnerability Researcher at RII, you will play a pivotal role in solving unique and challenging problems for our esteemed Defense and Homeland Security customers. This position requires a proactive mindset, deep technical expertise in vulnerability research, reverse engineering, and exploit mitigations/bypasses, and a drive to live one of our core values: Get s#!t done.


This position requires the ability to obtain and maintain a TS/SCI security clearance

WHAT YOU WILL BE DOING

  • Conducting in-depth reverse engineering and vulnerability analysis across various architectures and platforms, including x86/64, ARM, PowerPC, and more
  • Researching and analyzing operating system and application internals, identifying and understanding security strengths and weaknesses of those systems
  • Developing and enhancing functionality by adding features and capabilities to undocumented interfaces
  • Modeling and analyzing in-memory compiled application behavior to identify potential vulnerabilities and improve security measures
  • Developing and understanding mobile/embedded systems and kernel modules, particularly related to vulnerability research
  • Participating actively in our extensive Vulnerability Research mentorship program, sharing knowledge and collaborating with colleagues

WHAT YOU HAVE DONE

  • Proficient understanding of wireless networking and associated security protocols, such as Wi-Fi (802.11), Bluetooth, or cellular networks (2G/3G/4G/5G). Familiarity with common vulnerabilities and attack vectors in wireless communication
  • Strong grasp of legacy exploit mitigations and bypass techniques, including but not limited to Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP/NX), Stack Cookies (Canaries), and Control Flow Integrity (CFI). Experience in identifying and circumventing these security measures
  • In-depth knowledge of both security and network fundamentals, such as cryptography, authentication, access control, and network protocols (TCP/IP, UDP, DNS, HTTP, etc.). Understanding the security implications and potential vulnerabilities associated with these concepts
  • Programming experience with both scripted languages (preferably Python3) and compiled languages (preferably C). Ability to write efficient and secure code for vulnerability research and exploit development purposes
  • Familiarity with low-level architectures such as x86, ARM, or MIPS. Understanding the underlying principles, instruction sets, and memory models of these architectures for vulnerability identification and analysis
  • Experience with operating system internals and implementations, including Windows, Linux, or macOS. Knowledge of system structures, process management, memory management, and security mechanisms at the kernel level
  • Excellent oral, written, and interpersonal communication skills, with the ability to effectively convey complex technical concepts and interact with customers and team members alike

EVEN BETTER

  • Experience with vulnerability research and reverse engineering of real-time operating systems (RTOS), such as FreeRTOS, QNX, or VxWorks. Understanding the unique security challenges and attack vectors specific to RTOS environments
  • Bachelor's or postgraduate degree in Computer Science, Computer Engineering, or a related field
  • Experience with software protection and binary armoring techniques, such as anti-debugging, code obfuscation, or tamper resistance. Understanding the methods employed to protect software from reverse engineering and vulnerability discovery
  • Proficiency in agile development methodologies, including Scrum or Kanban, for efficient collaboration and iterative development in a cybersecurity context
  • Familiarity with low-level iOS/Android development and associated security considerations, such as jailbreaking or rooting, application sandboxing, or secure interprocess communication (IPC)
  • Knowledge of hypervisors and their security implications, including virtualization-based security, guest escape vulnerabilities, or hypervisor-based rootkits
  • Proficiency in malware analysis, including static and dynamic analysis techniques, behavioral analysis, and code deobfuscation. Experience in identifying and analyzing malware samples to understand their capabilities and potential vulnerabilities
  • Experience with constraint solving techniques, such as symbolic execution, theorem proving, or model checking, for vulnerability identification, verification, and exploit generation
  • Background in machine learning, particularly in the context of vulnerability analysis and detection, such as using ML techniques to identify patterns in code or analyze network traffic for anomaly detection

#LI-AC1


At RII, we believe that diversity in our workforce is critical to our success. We strive to hire great people from a wide variety of backgrounds, not just because it’s the right thing to do, but because it makes us stronger. We work to help your intellectual passions and creativity thrive. It’s one of our core values: Let your geek flag fly.


We also offer all employees comprehensive benefits including: flexible work schedules, health insurance coverage, paid time off, 401k with a company match, paid parental leave, access to wellness programs and much more. You get this all from day one, and all paid for by RII.


It’s all part of another of our core values: Stay human. It’s why our comfortable and colorful offices such as our headquarters, include a community game room, pantry, massage chair, and an escape room, among other amenities. It’s why we have community ambassadors and regular community events.


Research Innovations, Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, gender identity or expression, national origin, genetics, disability status, protected veteran status, age, or any other characteristic protected by state, federal or local law.

Top Skills

C
Python
The Company
Alexandria, VA
190 Employees
On-site Workplace
Year Founded: 2009

What We Do

Research Innovations is a small technology company focused on the development and application of emerging technologies that solve complex problems within the Defense and Intelligence communities.

Jobs at Similar Companies

Invoice Home Logo Invoice Home

Senior Cloud Engineer

Fintech • Information Technology • Mobile • Software • Financial Services • Cybersecurity • SEO
Remote
Texas, USA
20 Employees
200K-250K Annually

Silverfort Logo Silverfort

Marketing Analyst

Information Technology • Sales • Security • Cybersecurity • Automation
Remote
United States
357 Employees

MacPaw Logo MacPaw

Senior Product Designer (New Product)

Information Technology • Security • Software • Cybersecurity • App development • Data Privacy
Remote
Hybrid
Kyiv, Kiev, UKR
550 Employees

Similar Companies Hiring

Invoice Home Thumbnail
Software • SEO • Mobile • Information Technology • Fintech • Financial Services • Cybersecurity
Austin, TX
20 Employees
MacPaw Thumbnail
Software • Security • Information Technology • Data Privacy • Cybersecurity • App development
Cambridge, MA
550 Employees
Silverfort Thumbnail
Security • Sales • Information Technology • Cybersecurity • Automation
GB
357 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account