Senior Software/Hardware Engineer – Cybersecurity Reverse Engineering
Golden, CO, United States
The National Renewable Energy Laboratory, NREL, is seeking applicants for its newly opened career opportunity Senior Software/Hardware Engineer – Cybersecurity Reverse Engineering. Cybersecurity is key to our energy future. Join our NREL team and be on the forefront of cybersecurity in the energy transformation.
NREL's Cybersecurity Science and Simulation Group, CSSG, is performing research to secure our energy systems from cyberattack, and to make them more resilient to disruptions of any type. Using an on-premises private cloud interconnected with unique and powerful laboratory systems, NREL’s cyber range powers our investigation of rapidly evolving communication systems, industrial control systems, internet of things (IoT), and the flow of energy on which we all depend.
Our research significantly enhances energy security, resilience, efficiency, and affordability across the United States and the world. Many more details regarding the work that is being done can be found here: https://www.nrel.gov/security-resilience/cyber-range.html
In CSSG, software/hardware engineers work closely with network engineers and architects, mathematicians, and security professionals. Every project involves collaboration across NREL’s domains of expertise – from renewable generation via wind, solar, and geothermal; to efficient energy consumption in smart buildings, electric vehicles, and industry; to the power systems, energy storage, data and control algorithms needed to ensure the whole system operates reliably and securely.
The successful candidate will support multiple research projects focused on cyber-securing our rapidly transforming energy systems. Key tasks may involve:
- Reverse engineering malware, firmware, real-time operating systems, control system applications, and other types of software relevant to NREL’s energy security mission to identify vulnerabilities and operational risks
- Produce software for evaluating the security of IoT, IIoT, distributed energy resources, control system and SCADA applications, electric distribution systems, and other emerging energy system components
- Discover, analyze, and track cyber-attack campaigns, malware, and/or system vulnerabilities
- Produce reporting, such as detection and mitigation guidance, for a broad range of customers and partners
- Develop tools and techniques to assess risks, including threats, vulnerabilities, and consequences in emerging energy systems
- Utilize device assessment methodologies for performing literature reviews, device physical examinations, verification testing, and exploration testing
- Apply static and dynamic reverse engineering techniques to enhance SBOM tools and support software security evaluations
- Implement methods across virtual, emulated, and live operating energy systems and equipment in laboratory settings.
- Design, create, and execute threat emulation scenarios to evaluate system impacts across distributed energy resources
This role can be hired at a Level IV and V.
Applies advanced scientific technical principles, theories and concepts. Contributes to the development of new principles and concepts. Considered a national subject matter expert. Demonstrates leadership in a number of areas, including all team, task and/or project lead responsibilities. Demonstrated management of complex and/or impactful projects. Excellent technical writing, interpersonal and communication skills.
- Relevant PhD and 9 or more years of experience or,
- Relevant Master's Degree and 12 or more years of experience or,
- Relevant Bachelor's Degree and 14 or more years of experience.
Demonstrated in-depth knowledge of laws, regulations, principles, procedures and practices related to specific field. Excellent leadership, communication, problem solving and project management skills. Ability to use various computer software programs.
- Relevant PhD and 4 or more years of experience or,
- Relevant Master's Degree and 7 or more years of experience or,
- Relevant Bachelor's Degree and 9 or more years of experience .
* Must meet educational requirements prior to employment start date.
Additional Required Qualifications
- Demonstrated experience with reverse engineering tools (disassemblers, decompilers, debuggers) and processes (unpacking malware, reconstructing code logic, etc.) including IDA Pro, Ghidra, or Windbg.
- Proficient in analyzing non-x86 instruction set architectures.
- Experience in applying static and dynamic reverse engineering methods on source code and binary files.
- Experience analyzing embedded systems, including software, firmware, communications and protocols.
- Strong knowledge of the most prevalent eCrime malware families.
- Knowledge of programming and scripting languages, in particular Python.
- Ability to analyze raw network data and to develop or use protocol decoders and decryption tools.
- Ability to express complex technical and non-technical concepts in verbal and graphical products.
- Excellent writing skills are mandatory, as documented by an existing publication record (journal or conference papers, technical whitepapers, blog posts, or similar)
- Experience with extraction and analysis of memory, binaries, keys, and/or firmware from chips/devices
- Clearance: Must be able to obtain and maintain a DOE Q security clearance (equivalent to DOD Top Secret) and SCI access. SCI access may require a polygraph examination. To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE Order 472.2 for additional information.
- A background in intelligence analysis is a plus.
- Experience tracking adversaries engaged in Big Game Hunting (BGH), DOD operations, or exploit analysis and forensics.
- Experience tracking threats to IoT systems.
- Knowledge of Windows OS and system internals.
- A background in exploit and vulnerability analysis is a plus.
- Solid understanding of networking and communications patterns in IoT domains.
- Five years of experience in static and dynamic malicious code reverse engineering.
- Excitement about improving our national energy security
- Existing DOD or DOE security clearance
Tags: Clearance Cloud DoD Exploit Forensics Ghidra Industrial Internet of Things Malware PhD Polygraph Python Reverse engineering SBOM SCADA Scripting Security Clearance Top Secret Vulnerabilities Windows
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Operations Analyst jobs
- Open Senior SOC Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open SOC Analyst jobs
- Open Staff Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Manager Pentest H/F jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open IT Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open IT Security Specialist jobs
- Open Infosec Risk Manager jobs
- Open Cyber Program Manager jobs
- Open o365 Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Staff Information Security Engineer jobs
- Open Cyber Hunt SME jobs
- Open Information System Security Officer (ISSO) jobs
- Open Senior Security Operations Engineer jobs
- Open Agile-related jobs
- Open SIEM-related jobs
- Open GCP-related jobs
- Open Clearance-related jobs
- Open Risk assessment-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open Java-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open Kubernetes-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs
- Open Cryptography-related jobs
- Open CISA-related jobs
- Open Encryption-related jobs