Senior Specialist, Security Research Engineer - Security Researc - ClearanceJobs : Job Details

L3Harris has an immediate opening for a Vulnerability Researcher with our security group, Trenchant. Trenchant is responsible for devising and implementing a sophisticated commercial cyber toolkit. Our teams are comprised of elite security researchers and former intelligence professionals with a fixation on realizing mission outcomes. We are pursuing top-tier senior security researching talent with experience across a host of technologies and paradigms. Our researchers, engineers and specialists work on tight-knit interdisciplinary teams. These teams generate thoughtful capability designs and incremental feature releases that reliably deliver cyber solutions into operational environments. Our business unit offers an exceptional value-proposition for individuals looking to make an impact.

Essential Functions:

• Finding vulnerabilities in ubiquitous Internet-deployed software and/or popular devices' software or firmware.
• Constructing exploits for vulnerabilities discovered by the company.
• Research & development on security technologies in such fields as exploitation, bug-finding, reverse engineering and static analysis.
• Working with and for officers, employees or contractors of the company.
• Training, management and provision of guidance to junior staff.
• Regular interaction with managers, clients, vendors, and customers to field queries and questions.
• Take an active role in cross-team projects when needed.

Qualifications:

• Bachelor's Degree and minimum 6 years of prior relevant experience. Graduate Degree and a minimum of 4 years of prior related experience. In lieu of a degree, minimum of 10 years of prior related experience.
• 5+ years of Vulnerability Research, reverse engineering, and bug-hunting.
• Experience with static and dynamic binary analysis.
• Experience with iOS, Android, Windows, Linux, or embedded systems kernel, user land, and internals or browser internals.
• Experience with common tools in security research (e.g. IdaPro, Ghidra, Radare, Binary Ninja, AFL, SysInternals, GDB, WinDBG, etc).
• Experience with common programming languages (e.g. C/C++, Python, Swift, etc).
• Experience with common architectures (e.g. x86/64, ARM, AARCH64, MIPS, PowerPC, TILEGX, etc).
• Experience with modern security system features, exploit mitigations, and evasion techniques (e.g. defeating ASLR, DEP, Control Flow Guard, ROP, Security Product/AV Evasion, etc).
• Experience with a wide-range of modern exploitation concepts and techniques.

Preferred Additional Skills:

• Eligibility to obtain a Security Clearance.
• Service in the US Intelligence Community or US Military working in cyber operations.
• Experience with Computer Network Operations / Computer Network Exploitation.
• Experience with symbolic execution and emulation software (e.g. QEMU, Corellium, VHDL, etc).
• Cryptographic experience (e.g. side-channel attacks, implementing AES, etc).
• Experience teaching and mentoring junior vulnerability researchers.
• Bespoke fuzzer development experience.

L3Harris Technologies is an Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws.