Security Researcher
Beltsville, Maryland
Applications have closed
Two Six Technologies
You will work with a range of clients from the country’s largest ISPs to critical infrastructure providers to innovative tech startups. You will become a trusted advisor while learning and performing valuable technical and industry skills. This role is technical at its core – with a strong focus on in-depth reverse engineering, exploit development, as well as the development of tools to aid in the reverse engineering process.
Since we are a small team, you will not be lost in the shuffle. You will be a key player in a fast paced team, owning your own projects and developing client relationships. You will have access to top experts in the field with experience across a range of domains and will have numerous opportunities to define your work.
Job Responsibilities & Duties
- Unpack and analyze primarily embedded device firmware, ranging from bare metal code to embedded linux systems
- Work with the pentesting team to identify attack surfaces on a device
- Reverse engineer binaries and services, or review source code, to identify vulnerabilities and write PoCs where applicable
- Work with clients to remediate vulnerabilities and harden their product
- Thoroughly assess all attack surfaces on a device including network-reachable services and hardware interfaces (UART, USB, JTAG, etc.)
Qualifications & Skills- Required:
- Strong familiarity with common bug classes, bad practices, and exploit/PoC development
- Experience with common disassemblers/decompilers and reverse engineering tools (IDA, Ghidra, Binary Ninja)
- Experience with software reverse engineering concepts: static analysis, dynamic analysis, fuzzing techniques
- Bachelor’s (or higher) degree in computer science, engineering, or a related field (solid knowledge in RE or VR may substitute for a specific degree)
- Expert command of low-level programming languages (C and at least one assembly language), scripting languages (e.g., Python), and the *nix command line
Nice to have, but not expected:
- Experience in a client-facing technical role
- Familiarity with Binary Ninja API or Ghidra scripting
- Familiarity building or securing embedded devices and other digital systems
- Familiarity with embedded binary reverse engineering (ARM, RTOS, etc.)
- Familiarity with basic cryptography design and implementation concepts
Two Six Technologies is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on race (including traits historically associated with race, such as hair texture, hair type and protective hair styles (e.g., braids, twists, locs and twists)), color, religion, national origin, sex (including pregnancy, childbirth or related medical conditions and lactation), sexual orientation, gender identity or expression, age (40 and over), marital status, disability, genetic information, and protected veteran status or any other characteristic protected by applicable federal, state, or local law.
Two Six Technologies Covid-19 Vaccination Policy requires employees to be fully vaccinated. Exceptions to this policy are only granted to those with a company-approved medical or religious accommodation. Prospective or new employees will be required to adhere to this policy and submit proof of vaccination or have an approved exemption prior to the start of their employment.
If you are interested in applying for employment with Two Six Technologies and require an accommodation, please contact Human Resources at Two Six Technologies by sending an email to hr@twosixtech.com. Information provided will be kept confidential and used only to the extent required to provide needed reasonable accommodations.
Tags: APIs C Computer Science Cryptography Exploit Ghidra Linux Pentesting POCs Python Reverse engineering Scripting Vulnerabilities
Perks/benefits: Career development
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs