Principal Vulnerability Researcher
Dayton, Ohio
Applications have closed
Two Six Technologies
Two Six Technologies is seeking a Principal Vulnerability Researcher. This role is technical at its core – along with in-depth reverse engineering and exploit development you will transition those findings into capabilities.
You will be a key player in a small fast paced team, owning your own projects and developing client relationships. Working with our lead Reverse Engineer, you will have access to top experts in the field with experience across a range of domains. You will have numerous opportunities to define your work.
Job Responsibilities & Duties
Given the technical nature of this role, experience in computer science, computer engineering, or a similar field is required. Significant proven experience in reverse engineering (RE) or vulnerability research (VR) can show your fit even if your background is outside of one of these fields.
You should be comfortable taking on complex technical problems for which there is often no known answer. You should be comfortable with ambiguity and forging your own path; our small team setting will provide you opportunity for outsized impact. While you will receive extensive training, mentorship, and coaching, you must be comfortable executing against goals independently since there’s no playbook for breaking unique complex systems.
Qualifications & Skills- Required:
Bachelor’s (or higher) degree in computer science, engineering, or a related field (solid knowledge in RE or VR may substitute for a specific degree)
Minimum 7 years of experience firmware development using low-level programming languages (C and at least one assembly language), scripting languages (e.g., Python), and the *nix command line
Strong familiarity with cybersecurity principles and a strong interest in learning more
Minimum 5 years of experience with common disassemblers/decompilers and reverse engineering tools (IDA, Ghidra, Binary Ninja)
Experience with software reverse engineering concepts: static analysis, dynamic analysis, fuzzing techniques
Active US Security clearance of Secret level and ability to obtain and maintain TS.
Nice to have, but not expected:
Familiarity with Binary Ninja API or Ghidra scripting
Familiarity building or securing embedded devices and other digital systems
Familiarity with embedded binary reverse engineering (ARM, RTOS, etc.)
Familiarity with basic cryptography design and implementation concepts
Experience in a client-facing technical role
Two Six Technologies is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on race (including traits historically associated with race, such as hair texture, hair type and protective hair styles (e.g., braids, twists, locs and twists)), color, religion, national origin, sex (including pregnancy, childbirth or related medical conditions and lactation), sexual orientation, gender identity or expression, age (40 and over), marital status, disability, genetic information, and protected veteran status or any other characteristic protected by applicable federal, state, or local law.
If you are interested in applying for employment with Two Six Technologies and require an accommodation, please contact Human Resources at Two Six Technologies by sending an email to hr@twosixtech.com. Information provided will be kept confidential and used only to the extent required to provide needed reasonable accommodations.
EOE, including disability/vets.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs C Clearance Computer Science Cryptography Exploit Ghidra Python Reverse engineering Scripting Security Clearance
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs