12 days old

Lead Vulnerability Researcher / Reverse Engineer

Centreville, VA 20121
  • Job Code

Minimum Clearance Required to Start:

Top Secret SCI w/Polygraph

Job Description:

Parsons is looking for smart creative problem solvers to create critical national security cyber tools. We need a vulnerability research leader with experience analyzing software binaries in embedded linux environments. You will lead a small but highly-skilled and dynamic team that developing state of the art full spectrum cyber capabilities. Leadership responsibilities include customer interaction, technical solutions, planning, and providing technical guidance to the team. Technical responsibilities include analyzing and deconstructing software applications and protocols, identifying potential attack vectors, triage, categorization, and analysis of discovered vulnerabilities and development of proof of concept (PoC) code.


Required Qualifications:

  • 7 years overall software engineering experience with 5 yrs of Vulnerability research and/or Reverse engineering.
  • Proven successful experience leading a technical team performing VR
  • U.S. citizenship is required.
  • Active Top Secret Security Clearance with SCI eligibility

Desired Experience:

  • Excellent oral and written communications skills.
  • Experience leading technical teams performing vulnerability research on embedded linux devices.
  • Ability to plan work, provide technical guidance and oversight, and deliver.
  • Software reverse engineering - Experience using tools like Ghidra and IDA Pro and understanding processor architectures including x86, ARM, ARM64, MIPS, et al.
  • Experience identifying zero days including memory corruption bugs for example stack overflows, heap overflows, integer overflows, logical flaws.
  • Experience with security techniques (ASLR, DEP, Stack cookies, pointer authentication, etc).
  • File format reverse engineering - Experience determining how files are structured, understanding the standard methods for encoding data from Base64 to ASN1.
  • Encryption - A good understand of how symmetrical and asymmetrical encryption works, certificate chain of trust, crypto weaknesses etc.
  • Protocol Analysis - Knowledge of how IP/Serial based protocols work and how to reverse their format including checksums, MACs, encoding formats, HTTP, XML etc.
  • Fuzzing - Experience of writing and running fuzzers (afl-fuzz, et al), understanding of the differences between dumb and more intelligent fuzzers, and how reverse engineering feeds the process. Black box vs. white box fuzzing.
  • Coding - The ability to quickly write programs to accomplish point solutions in languages like C, C++, Python, bash, et al.
  • Code Review - The ability to review source code to identify bugs and vulnerabilities.
  • Operating Systems Architecture - Knowledge of how operating systems work from 'user land' code right through to the kernel.

Must be able to obtain, maintain and/or currently possess a security clearance.


Posted: 2021-07-12 Expires: 2021-08-12

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Remember to mention ConstructionJobs as your source for this job! Employers prefer our qualified candidates, so make sure they know we sent you.

Share this job:

Lead Vulnerability Researcher / Reverse Engineer

Parsons Corporation
Centreville, VA 20121

Join us to start saving your Favorite Jobs!

Sign In Create Account