Jobs · Analyst · Ohio

Senior Vulnerability Researcher

Battelle · Columbus, OH · 2 wk ago
On-siteAnalyst$135k–$175k/yrFull-time

About the role

Battelle is seeking an aspiring Senior Vulnerability Researcher to join our team in Columbus, OH; Chantilly, VA; or Beavercreek. This role requires a Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or related field with 8+ years of experience, or an equivalent combination of education and experience.

Responsibilities

  • Work with disassemblers and debuggers to understand embedded device operation
  • Research and debug embedded devices
  • Build and use tools to push the boundaries of current techniques
  • Collaborate with a close-knit team of researchers
  • Develop software to run in user-mode or kernel-mode
  • Use and understand assembly language and debugging tools
  • Work with a disassembler for vulnerability research (Ghidra, IDA Pro, BinaryNinja)
  • Work with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)
  • Work with one or more debuggers (WinDbg, OllyDbg, gdb)
  • Research and debug on one or more operating systems: Android, iOS, Windows, Linux, MacOS, VxWorks, QNX, RTOSs, or other custom operating systems
  • Understand advanced exploitation techniques (ret2libc, use-after-free, type confusion)
  • Understand exploit protection techniques (DEP, ASLR/NX)
  • Code in C
  • Understand network protocols
  • Work individually and in small fast-paced team environments

Requirements

  • Passion and drive to continuously improve your skill set
  • US Citizenship with the ability and willingness to obtain a Secret or higher clearance

Qualifications

  • Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or related field with 8 years of experience
  • Master’s degree in related field with 5 years of experience
  • PhD in a related field with 2 years of experience
  • Experience using fuzzing tools such as AFL or Peach
  • Experience emulating embedded platforms for live debugging
  • Experience with microcontrollers
  • Experience with symbolic analysis
  • Experience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)
  • Experience with one or more debuggers (WinDbg, OllyDbg, gdb)
  • Experience with vulnerability research on one or more operating systems: Android, iOS, Windows, Linux, MacOS, VxWorks, QNX, RTOSs, or other custom operating systems
  • Experience with advanced exploitation techniques (ret2libc, use-after-free, type confusion)
  • Experience with exploit protection techniques (DEP, ASLR/NX)
  • Experience with C programming
  • Experience with network protocols
  • Experience working individually and in small fast-paced team environments

Preferred Qualifications

  • Experience using fuzzing tools such as AFL or Peach
  • Experience emulating embedded platforms for live debugging
  • Experience with microcontrollers
  • Experience with symbolic analysis

Benefits

  • Tuition assistance
  • Paid training
  • Software and intellectual property development royalty sharing
  • Mentorship and learning culture
  • Internally funded and guided research projects with large amounts of individual autonomy
  • Comprehensive benefits package including:
    • Flexible work schedule with every other Friday off
    • Hybrid work arrangement allowing 60% in-office and 40% remote work
    • Paid time off for personal and professional development
    • Wellness programs including medical, dental, and vision coverage
    • Family formation support and gender-affirming care
    • Financial stability with an industry-leading 401(k) retirement savings plan

Pay

  • Annual salary compensation range: $135,000 - $175,000 (Ohio) and $154,500 - $220,200 (Virginia) per year

Schedule

  • Flexible work schedule with every other Friday off
  • Hybrid work arrangement allowing 60% in-office and 40% remote work

Benefits

  • Comprehensive benefits package including:
    • Flexible work schedule with every other Friday off
    • Hybrid work arrangement allowing 60% in-office and 40% remote work
    • Paid time off for personal and professional development
    • Wellness programs including medical, dental, and vision coverage
    • Family formation support and gender-affirming care
    • Financial stability with an industry-leading 401(k) retirement savings plan

Similar jobs