Hybrid Senior Cyber Security Research Engineer bei Riverside Research Institute
Riverside Research Institute · Beavercreek, Vereinigte Staaten Von Amerika · Hybrid
- Senior
- Optionales Büro in Beavercreek
The Riverside Research Engineering and Support Solutions (ESS) directorate conducts Research and Development (R&D) of cyber-physical attacks against embedded systems. As a Senior Cyber Security Research Engineer, you will collaborate with a multi-disciplinary team of research engineers and scientists on a range of microelectronics research projects. You’ll work directly with a team of embedded system security research subject matter experts (SME), the senior Principal Investigator, and Program Manager to support various project-specific research scope and deliverables providing value to our customers. The position is in Beavercreek OH and requires a security clearance. Remote work is not available for this position. Travel is not expected to exceed two to four times a year.
All Riverside Research opportunities require US citizenship.
Responsibilities:Job Responsibilities
- Perform reverse engineering and other cyber attacks against microelectronic devices
- Develop software to run in user-mode or kernel-mode
- Studies and reports over software-based threats to embedded systems published in scientific journals, hacking blogs, and presentations at conferences
- Documents findings in technical reports and presentations
- Collaborates with hardware security researchers
- Provide technical mentorship for junior researchers, in area of expertise
- Work with Project Manager and Principal Investigator to plan, and execute technical resource application to project; manage and communicate deliverable status and timelines.
Required Qualifications
- Bachelor’s degree in Computer Engineering, Computer Science or related technical area with 8 years relevant experience, or a related technical Master’s degree with 5 years relevant experience, or a PhD in a related field with 3 years relevant experience
- Secret clearance required to start, but must be able obtain Top Secret security clearance and all required program access approvals
- Extensive experience reverse engineering operating systems like embedded Linux (e.g. PetaLinux, Yocto, Buildroot), RTOS (e.g. VxWorks, Integrity), and bare-metal systems (e.g. firmware)
- Experience with a disassembler for vulnerability research (Ghidra, IDA Pro, BinaryNinja)
- Experience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)
- Experience with debuggers like (WinDbg, HyperDbg, GDB/KGDB/KDB, TRACE32, and OpenOCD)
- Strong familiarity with published vulnerability databases (CVE, CWE, etc.)
- Experience with embedded processors (RISC-V, ARM, MicroBlaze, Nios, etc.)
- Experience with using simulation/emulation, and hardware-in-the-loop (HIL) to assist with debugging and reverse engineering
- Experience presenting technical material to both technical and non-technical audiences
- Willing to work in a secure US Government facility
- Interest in solving open-ended research challenges
Desired Qualifications
- Active DoD Top Secret (TS) or equivalent US Government security clearance
- Familiarity with hardware security attacks, hardware development, or side-channel analysis
- Experience leading small project teams, or leading software development
- Embedded software development experience
- Familiarity with compiled languages like C/C++ and Rust
- Knowledge of formal analysis, static analysis, or other software cyber research areas
- Python (preferred) or other scripting experience
- Previous experience working in a secure US Government facility is desired
- Bachelor’s degree in Computer Engineering, Computer Science or related technical area with 12 years relevant experience, or a related technical Master’s degree with 8 years relevant experience, or a PhD in a related field with 5 years relevant experience