Vulnerability Researcher 2

Full-Time
Annapolis Junction, MD
Posted 11 months ago

E&M Technologies, Inc. is currently seeking a Level 2 Vulnerability Researcher to support a Federal Government client.

E&M Technologies, Inc. is dedicated to recruiting and developing diverse, high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. E&M provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.

Required Skills/Experience

  • Actively debug software and troubleshoot issues with software crashes and programmatic flow
  • Ability to perform source code analysis to discover software flaws, and provide/author documentation on the impact and severity of the flaw
  • Ability to develop proof-of-concept exploits against research targets, prototypes, and hands-on demonstrations of vulnerability analysis results
  • Provide/author and participate in technical presentations on assigned projects
  • Lead reverse engineering and vulnerability research of hardware components, software applications, and operating systems to determine functionality, code structure, and circuit design for the use in the discovery of initial access capabilities
  • Meets all qualifications of a CNO Vulnerability Research/Analyst I, but has the following increased experience and skill levels

Desired Skills/Experience

  • Experience programming in Assembly, C, C#, C++, Perl, or Python with a focus on an understanding of system interactions with these libraries vs. production-style environments
  • Use of Unix/Windows system APIs
  • Understanding of virtual function tables in C++
  • Heap allocation strategies and protections
  • Experience with very large software projects a plus
  • Kernel programming experience (WDK / Unix|Linux) a significant plus
  • Hardware/Software reverse engineering, which often includes the use of tools (e.g., IDA Pro, Ghidra, Binary Ninja) to identify abstract concepts about the code flow of an application
  • For hardware reverse engineering, candidates expected to have performed analysis of embedded devices, focusing primarily on identifying the software stack and points of entry to the hardware (e.g., not interested in FPGA reverse engineering, or other circuit reverse engineering)
  • Candidates who can merge low-level knowledge about compilation of C/C++ code with a nuanced understanding of system design to identify and exploit common vulnerability patterns
  • Candidates should be comfortable with, a minimum, user-mode stack-based buffer overflows, and heap-based exploitation strategies

Required Education

  • Bachelor’s Degree in Computer Science or related field plus
  • Minimum five (5) years’ experience programming in Assembly, C, C#, C++, Perl, or Python for a production environment
  • Minimum five (5) years demonstrated experience in either hardware or software reverse engineering

E&M Technologies offers competitive salaries, medical benefits, and a 401k plan.

To Apply for this position

You must have the Required Qualifications in your resume to be selected as a candidate.

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. In addition, E&M Technologies, Inc. provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays, and paid time off (PTO) for vacation and/or personal business. More benefit details here.

The health and safety of our employees and their families is a top priority. With the continuing impacts of COVID-19 around the world, we are taking action to protect the health and well-being of our colleagues and maintain the safety of the communities where we operate. As a federal contractor, and consistent with Executive Order 14042 (https://www.saferfederalworkforce.gov/contractors/) we will require all newly hired employees in the United States to be fully vaccinated by January 18, 2022, or by your start date if it is after January 18th. Federal guidance allows for disability/medical and religious accommodations with respect to the vaccine requirement. Any requested accommodations must be reviewed and approved (if applicable) in advance of your start date.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.

Job Features

Job Category

Information Technology

Req. ID

EM03-002

Citizenship

United States Citizen

Clearance Type

Top Secret/SCI w/ Full Scope Poly

Travel Required

None

Apply Online

A valid email address is required.
A valid phone number is required.