Jobs · Information Technology · Virginia

Senior Vulnerability Researcher

Two Six Technologies · Arlington, VA · 1 wk ago
On-siteInformation Technology$129k–$195k/yrFull-time

About the role

Join the Communications Systems division at Two Six Technologies in Arlington, Virginia, where we push the boundaries of software and firmware reverse engineering to uncover vulnerabilities in wireless and embedded systems. As part of our elite team of security researchers, you’ll work alongside CNO developers and hardware engineers, conducting cutting-edge vulnerability research on complex, real-world targets.

Responsibilities

  • Take on complex technical problems for which there is often no known answer
  • Develop tools and techniques to assist/automate tasks that traditionally require significant manual reverse engineering effort, including binary patching, Vulnerability research, and Binary fingerprinting
  • Develop proof-of-concept exploits for discovered vulnerabilities following DevOps best practices for keeping code bases organized and maintainable.
  • Analyze firmware, software protections, and wireless protocols to uncover security flaws.
  • Follow-on development to productize results/PoCs or handoff to developers for productization
  • Collaborate closely with CNO developers, vulnerability researchers, and hardware engineers in a fast-paced, small-team environment.

Requirements

  • Bachelor’s (or higher) degree in Computer Science, Computer/Electrical Engineering, or a related field (or equivalent practical experience).
  • Extensive experience with programming/scripting languages in C/C++, Python, and Linux command-line environments.
  • Experience with reverse engineering and vulnerability research, using tools such as IDA Pro, Binary Ninja, or Ghidra.
  • Expertise in one or more of the following:
    • Firmware analysis (ARM, MIPS, PowerPC, RTOS).
    • Firmware rehosting using emulation tools such as QEMU
    • Fuzzing and exploit development.
    • Binary obfuscation and anti-analysis techniques.
    • Wireless protocols and radio signal analysis.
    • File system forensics and fault injection frameworks.

Nice to Have (Preferred)

  • Experience scripting with Binary Ninja API or Ghidra.
  • Experience in embedded software development using C/C++ for RTOS or Linux environments.
  • Knowledge of cryptographic security and secure boot mechanisms.
  • Hands-on experience working with hardware debugging tools, JTAG/SWD, or software-defined radio (SDR) frameworks.
  • Familiarity with digital signal processing, wireless security protocols, RF signal processing, and side-channel analysis.
  • Client-facing experience in technical roles.
  • Active TS/SCI with Polygraph preferred.

Benefits

Two Six Technologies offers a competitive and comprehensive compensation package that includes medical, dental, and vision insurance, life and disability insurance, retirement benefits, paid leave, tuition assistance and professional development.

Pay

The projected salary range listed for this position is annualized. This is a general guideline and not a guarantee of salary. Salary is one component of our total compensation package and the specific salary offered is determined by various factors, including, but not limited to education, experience, knowledge, skills, geographic location, as well as contract specific affordability and organizational requirements.

Schedule

Details on the schedule will be provided upon interview.

Similar jobs