Senior Vulnerability Researcher
Battelle · Columbus, OH · 2 wk ago
On-siteAnalyst$135k–$175k/yrFull-time
About the role
Battelle is seeking an aspiring Senior Vulnerability Researcher to join our team in Columbus, OH; Chantilly, VA; or Beavercreek. This role requires a Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or related field with 8+ years of experience, or an equivalent combination of education and experience.
Responsibilities
- Work with disassemblers and debuggers to understand embedded device operation
- Research and debug embedded devices
- Build and use tools to push the boundaries of current techniques
- Collaborate with a close-knit team of researchers
- Develop software to run in user-mode or kernel-mode
- Use and understand assembly language and debugging tools
- Work with a disassembler for vulnerability research (Ghidra, IDA Pro, BinaryNinja)
- Work with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)
- Work with one or more debuggers (WinDbg, OllyDbg, gdb)
- Research and debug on one or more operating systems: Android, iOS, Windows, Linux, MacOS, VxWorks, QNX, RTOSs, or other custom operating systems
- Understand advanced exploitation techniques (ret2libc, use-after-free, type confusion)
- Understand exploit protection techniques (DEP, ASLR/NX)
- Code in C
- Understand network protocols
- Work individually and in small fast-paced team environments
Requirements
- Passion and drive to continuously improve your skill set
- US Citizenship with the ability and willingness to obtain a Secret or higher clearance
Qualifications
- Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or related field with 8 years of experience
- Master’s degree in related field with 5 years of experience
- PhD in a related field with 2 years of experience
- Experience using fuzzing tools such as AFL or Peach
- Experience emulating embedded platforms for live debugging
- Experience with microcontrollers
- Experience with symbolic analysis
- Experience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)
- Experience with one or more debuggers (WinDbg, OllyDbg, gdb)
- Experience with vulnerability research on one or more operating systems: Android, iOS, Windows, Linux, MacOS, VxWorks, QNX, RTOSs, or other custom operating systems
- Experience with advanced exploitation techniques (ret2libc, use-after-free, type confusion)
- Experience with exploit protection techniques (DEP, ASLR/NX)
- Experience with C programming
- Experience with network protocols
- Experience working individually and in small fast-paced team environments
Preferred Qualifications
- Experience using fuzzing tools such as AFL or Peach
- Experience emulating embedded platforms for live debugging
- Experience with microcontrollers
- Experience with symbolic analysis
Benefits
- Tuition assistance
- Paid training
- Software and intellectual property development royalty sharing
- Mentorship and learning culture
- Internally funded and guided research projects with large amounts of individual autonomy
- Comprehensive benefits package including:
- Flexible work schedule with every other Friday off
- Hybrid work arrangement allowing 60% in-office and 40% remote work
- Paid time off for personal and professional development
- Wellness programs including medical, dental, and vision coverage
- Family formation support and gender-affirming care
- Financial stability with an industry-leading 401(k) retirement savings plan
Pay
- Annual salary compensation range: $135,000 - $175,000 (Ohio) and $154,500 - $220,200 (Virginia) per year
Schedule
- Flexible work schedule with every other Friday off
- Hybrid work arrangement allowing 60% in-office and 40% remote work
Benefits
- Comprehensive benefits package including:
- Flexible work schedule with every other Friday off
- Hybrid work arrangement allowing 60% in-office and 40% remote work
- Paid time off for personal and professional development
- Wellness programs including medical, dental, and vision coverage
- Family formation support and gender-affirming care
- Financial stability with an industry-leading 401(k) retirement savings plan