Senior Vulnerability Researcher

Posted 4 Hours Ago
Be an Early Applicant
Pittsburgh, PA
5-7 Years Experience
Edtech
The Role
The Senior Vulnerability Researcher will develop advanced approaches for analyzing executable code, assess software vulnerabilities, study disclosure ecosystems, and evaluate existing security tools. The role includes publishing findings and aiding in technology testing and transition processes.
Summary Generated by Built In

The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time. 
 
The CERT Division of the Software Engineering Institute (SEI) is seeking applicants for the Senior Vulnerability Researcher role. The Vulnerability Analysis Team, within the Threat Analysis Directorate, is a group of internet security experts focused on advancing the state of the art in vulnerability assessment and discovery, coordinated vulnerability disclosure, and software security on a national and global scale. We participate in communities of network defenders, software developers and vendors, security researchers, and policy-makers. We publish security advisories, papers, blog posts, data, and tools. The SEI is a federally funded research and development center at Carnegie Mellon University.
 
What you’ll do 

  • Develop state of the art approaches for analyzing executable code. 
  • Apply these approaches to understanding systemic vulnerabilities in software systems and how attackers adapt their tradecraft to exploit those vulnerabilities. 
  • Study and influence the software security and vulnerability disclosure ecosystems. 
    Evaluate the effectiveness of tools, techniques and processes developed by industry and the security research community. 
  • Uncover some of the fundamental assumptions underlying current best practice in software security.
  • Develop models, tools and data sets that can be used to characterize the threats to, and vulnerabilities in, software systems, and publish those results. You will also use these results to aid in the testing, evaluation and transition of technologies developed by government-funded research programs. 

Who you are 

  • You have a deep interest in cybersecurity, intellectual curiosity and a desire to make an impact beyond your organization. 
  • You enjoy developing and communicating innovative ideas and thinking creatively to solve tough problems. 
  • You relate collaboratively and diplomatically with people inside and outside the organization. 
  • You have a strong understanding of research methods in computer science, engineering and security, and related fields as well as of Internet fundamentals including network protocols, provider operations and governance. 
  • You enjoy mentoring and training others as well as sharing knowledge.

You have experience 

  • Vulnerability research, analysis, disclosure, and mitigation 
  • Applying knowledge of technology, systems architecture and security best practice to practical problems in enterprise security. 
  • Advising on a range of security topics based on research and expert opinion.
  • Organizing and planning complex projects 
  • Communicating complex system designs, technical approaches and road maps to sponsors, project managers and technical staff, and the ability to distill the implications of complex research results and apply those results to government operations. 
  • Applying modern data-driven research methods to cost-effectiveness analysis, risk analysis and information security decision making and collaborating on industry and academic community projects.
  • Developing software in Python and other modern programming languages 
  • Mathematical programming, statistical modeling, or machine learning 
  • Recognizing and properly handling confidential and sensitive information. 
  • Applying cybersecurity knowledge to areas such as AI/ML domain and open-source software
  • Automating existing security practices

 
You are able to 

  • You have BS in Computer Science, Information Science, or Analytical discipline with ten (10) years of experience; OR MS in the same fields with eight (8) years of experience; OR PhD in the same fields with five (5) years of experience. 
  • You have a willingness to travel to various locations to support the SEI’s overall mission. This includes sponsor sites, conferences, and offsite meetings on occasion. Moderate Travel (15%) 
  • You will be subject to a background check and obtain and maintain an active Department of Defense security clearance. Applicants for this position must be currently legally authorized to work for CMU in the United States. CMU will not sponsor or take over sponsorship of an employment visa for this opportunity.

Why work here? 

  • Join a world-class organization that has significant impact on software. 
  • Work with cutting edge technologies and experts to solve tough problems for the government and the nation. 
  • Get 8% monthly contribution for your retirement, without having to contribute yourself. 
  • Get tuition benefits to CMU and other institutions for you and your dependent children. 
  • Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave. 
  • Get access to university resources including mindfulness programs, childcare and back-up care benefits, a monthly transit benefit on WMATA, free transportation on the Pittsburgh Regional Transit System. 
  • Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies. 
  • Qualify for relocation assistance and so much more.

Joining the CMU team opens the door to an array of exceptional benefits available to eligible employees.

Those employees who are benefits eligible have the opportunity to experience the full spectrum of advantages from comprehensive medical, prescription, dental, and vision insurance to an enticing retirement savings program offering a generous employer contribution. You can also unlock your potential with tuition benefits and take well-deserved breaks with ample paid time off and observed holidays. Finally, rest easy knowing you are covered by life and accidental death and disability insurance. 

Other perks include a free Pittsburgh Regional Transit bus pass, our Family Concierge Team to help navigate childcare needs, fitness center access, and so much more!

For a comprehensive overview of the benefits that may be awaiting you, explore our Benefits page.

At Carnegie Mellon, we value the whole package when extending offers of employment. Beyond just credentials, we consider the role and responsibilities, your invaluable work experience, and the knowledge gained through education and training. We acknowledge and appreciate your unique skills and the diverse perspective you bring. Your journey with us is about more than just a job; it’s about finding the perfect fit for your professional growth and personal aspirations.

Are you interested in an exciting opportunity with an exceptional organization?! Apply today!

Location

Pittsburgh, PA

Job Function

Software/Applications Development/Engineering

Position Type

Staff – Regular

Full Time/Part time

Full time

Pay Basis

Salary

More Information: 

  • Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world. 

  • Click here to view a listing of employee benefits

  • Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran

  • Statement of Assurance

The Company
Moffett Field, CA
9,172 Employees
On-site Workplace
Year Founded: 1990

What We Do

Carnegie Mellon University founder Andrew Carnegie said: "My heart is in the work."​

No statement better captures the passion and drive of our people to make a real difference.

At Carnegie Mellon, we're not afraid of the work.

Our educational environment creates problem solvers, drivers of innovation and pioneers in technology and the arts.

Employers in every field say our graduates are ready to hit the ground running the day they graduate.

So, join us. Whether you're looking for a career or an education. Or both.

Jobs at Similar Companies

Hybrid
Austin, TX, USA
145 Employees
Hybrid
Austin, TX, USA
143 Employees

Similar Companies Hiring

Academia.edu Thumbnail
Software • Social Impact • Information Technology • Edtech • Digital Media • Consumer Web
SAN FRANCISCO, CA
110 Employees
Campus Thumbnail
Edtech
New York, NY
143 Employees
ReUp Education Thumbnail
Social Impact • Edtech
Austin, TX
145 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account