L3Harris TechnologiesRemote
Senior Specialist, Security Research Engineer
United States of America
Full Time
6 hours ago
$112,000 - $208,000 USD
No H1B
Key skills
Vulnerability ResearchReverse EngineeringBug HuntingStatic Binary AnalysisDynamic Binary AnalysisiOSAndroidWindowsLinuxEmbedded SystemsKernel InternalsUser Land InternalsBrowser InternalsSecurity Research ToolsIdaProGhidraRadareBinary NinjaAFLSysInternalsGDBWinDBGProgramming LanguagesC/C++PythonSwiftComputer Architecturesx86/64ARMAARCH64MIPSPowerPCTILEGXSecurity System FeaturesExploit MitigationsEvasion TechniquesASLRDEPControl Flow GuardROPSecurity Product EvasionAV EvasionModern Exploitation TechniquesComputer Network OperationsComputer Network ExploitationSymbolic ExecutionEmulation SoftwareQEMUCorelliumVHDLCryptographySide-Channel AttacksAES ImplementationFuzzer DevelopmentTrainingC++CMentoring
About this role
L3Harris Technologies is looking for a Senior Security Software Research Engineer to join their security group, Trenchant. This role involves identifying vulnerabilities in software and devices, constructing exploits, and guiding technical outcomes while providing training and management to team members.
Responsibilities:
- Finding vulnerabilities in ubiquitous Internet-deployed software and/or popular devices’ software or firmware
- Constructing exploits for vulnerabilities discovered by yourself or your team
- Guiding the teams technical outcomes to measurable deliverables for the organization
- Training, management and provision of guidance to all levels of team members
- Regular interaction with managers and customer-facing staff members to field queries and questions about technical work
- Ability to obtain and maintain security clearance
- Take an active role in cross-team projects when required
Requirements:
- Bachelor's Degree with a minimum 6 years prior relevant experience
- Graduate Degree with a minimum of 4 years of prior related experience
- In lieu of a degree, minimum of 10 years of prior related experience
- Ability to obtain and maintain security clearance
- 5+ years of Vulnerability Research, reverse engineering, and bug-hunting
- Experience with static and dynamic binary analysis
- Experience with iOS, Android, Windows, Linux, or embedded systems kernel, user land, and internals or browser internals
- Experience with common tools in security research (e.g. IdaPro, Ghidra, Radare, Binary Ninja, AFL, SysInternals, GDB, WinDBG, etc)
- Experience with common programming languages (e.g. C/C++, Python, Swift, etc)
- Experience with common architectures (e.g. x86/64, ARM, AARCH64, MIPS, PowerPC, TILEGX, etc)
- Experience with modern security system features, exploit mitigations, and evasion techniques (e.g. defeating ASLR, DEP, Control Flow Guard, ROP, Security Product/AV Evasion, etc)
- Experience with a wide-range of modern exploitation concepts and techniques
- Experience with Computer Network Operations / Computer Network Exploitation
- Experience with symbolic execution and emulation software (e.g. QEMU, Corellium, VHDL, etc)
- Cryptographic experience (e.g. side-channel attacks, implementing AES, etc)
- Experience teaching and mentoring junior vulnerability researchers
- Bespoke fuzzer development experience