Raytheon Technologies Sr. Android Vulnerability Researcher Lead ($20K Sign on Bonus) in Arlington, Virginia
Cyber Offense and Defense Experts (CODEX) is in need of a Android Vulnerability Research Lead. Their duties will include: leading a small group of geographically-distributed researchers to analyze mobile platforms and embedded systems, identify vulnerabilities in these systems, create robust proof-of-concepts to exploit the vulnerabilities, and deliver professional technical reports and briefings on the team’s findings. An ideal candidate will be able to lead engineers by identifying novel attack vectors, closely coordinating with customers on requirements/tasking, and interface seamlessly with Program Management..
Professional development experience is desired, but at least some scripting experience is required. Whether in python, ruby, or some other language, you should be capable of quickly developing the tools needed to help you succeed in your reverse engineering and vulnerability research efforts. The strongest candidates will have a variety of low-level operating systems experience, as well as, cross-platform vulnerability research. If you've built your own dynamic instrumentation and integrated a solver to help you identify and reach code or modified emulators and JIT engines to add your own instrumentation to help you identify entire classes of vulnerabilities, you'll be right at home.
Candidates must be able to play both sides of the fence, both defeating and developing new and advanced security techniques.
The considered locations for this position will be Arlington, VA or Dulles, VA, with additional locations considered based on candidate.
Experience programming in C/C++, assembly, and a scripting language
Experience tracing code execution in a debugger (gdb/IDA)
Experience reverse engineering ELF binaries (IDA/Ghidra/Binary Ninja)
Knowledge of Linux kernel internals, including the OS runtime linker/loader, object file formats (e.g., ELF), file system internals (e.g., NTFS, ext2, btrfs), OS-specific mandatory and discretionary access control mechanisms (e.g., SELinux, Smack), and process and thread APIs and data structures
Understanding of security protection mechanisms (ASLR, DEP, NX), how to defeat them, and how to detect a defeat
Knowledge of various bug classes (e.g., Buffer Overflows, Use-After-Free, Race Conditions) and the ability to exploit these bugs.
Experience creating and briefing technical presentations
Experience leading a team of developers or researchers
Familiarity with Android kernel additions (e.g.,binder, ashmem, vendor-specific mitigations)
Familiarity with Android userspace (e.g. init, system services, ART/Dalvik, Java API)
Familiarity with building/instrumenting Android OS (AOSP)
Experience reading and writing ARM/ARM64 assembly
Familiarity with hardening such as SELinux, seccomp-bpf, and POSIX capabilities
Android or Linux systems programming/platform development experience
Experience as a Technical Leader for Vulnerability Research
Active U.S. Government Top Secret security clearance required.
Technical Degree desired
Our interviews are technical. Come prepared to tell us about your technical background and interests as well as to work through some of our questions on a whiteboard. We hope you find our questions to be thought provoking, but we don’t ask brain teasers or tricks. This is a chance to have a dialog with our team, and we hope you will enjoy it!
This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.174040
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.