Vulnerability Researcher

Benefits

Additional Information

APPLICATION INSTRUCTIONS: CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process . Please do not apply here, apply internally through Workday. CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process. Please do not apply here, apply internally through Workday. If you are NOT a current employee or student, please click "Apply" and complete the application process for external applicants . Approval of remote and hybrid work is not guaranteed regardless of work location. For additional information on remote work at Penn State, see Notice to Out of State Applicants . POSITION SPECIFICS We are searching for a self-motivated Vulnerability Researcher to join our Cyberspace Operations Research Department at the Applied Research Laboratory (ARL) at Penn State University. ARL/Penn State's purpose is to develop innovative solutions to challenging national problems in support of the Navy, DoD, and Intel communities engineering and technology needs. The Cyberspace Operations Research Department provides technical expertise in adversarial tactics, techniques, and procedures (TTPs) to support system evaluation and provide security hardening support to various sponsors. ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply. You will: Research cutting edge techniques and technologies for system exploitation Leverage expertise in reverse engineering, vulnerability research, and software development to address established needs and investigate solutions to emerging requirements Apply software engineering best practices to create proof-of-concept tools and configure test environments to perform demonstrations to sponsors and partners Assist the Cyberspace Operations Research Department Head in maintaining relationships with sponsors through on-site technical discussions, preparation and presentation of technical materials, and project-related correspondence Provide process enhancement for technical functionality evaluation, vulnerability analyses, cyberspace operations engineering, and penetration testing projects Apply project management principles and methods to the leadership of tasks or projects Provide guidance to lower-level engineers to foster professional growth Additional responsibilities for higher level position includes: Understand broad strategic objectives and contribute to them; nurture and maintain relationships with major customers/grantors of external research and development grant funding Identify grant/project follow-on work and persuade customers/grantors to fund; impact customer decisions and strategies Initiate new project concepts and seek funding; develop technical proposals and make presentations to customers/grant sponsors Mentor department staff in the development technical, project, and business development skills Required skills/experience areas include: Documented application of reverse engineering and vulnerability testing tools (e.g. Ghidra/IDA, Kali Linux, Angr/AFL++, QEMU/Unicorn, etc) Reverse engineering, vulnerability research, malware analysis, and/or CNO tool development Computer networking fundamentals, Windows and *NIX operating systems, X86(64) and ARM or MIPS architectures Cyber operations architecture and software engineering practices Software programming, programming languages, and development environments (to include at a minimum C, Java, or Python) Ability to express technical information clearly and concisely in documents and presentations for senior leaders to successfully comprehend and leverage for decision making Active government security clearance at TS/SCI level with eligibility for special accesses Preferred skills/experience areas include: Cybersecurity exploit development and test environment configuration Cybersecurity penetration testing / cybersecurity Red Team testing / white hat hacking Military cyberspace operations or computer network operations Demonstrated history of successful project initiation efforts Agile software development methodology and tools Atlassian products (e.g., JIRA, Confluence) Your working location will be fully on-site located in Reston, VA, but options exist for occasional hybrid of on-site/work from home based on project-dependent ability. This position will require periodic travel to remote locations in support of testing as part of a small team of researchers, engineers, and technologists. MINIMUM EDUCATION, WORK EXPERIENCE & REQUIRED CERTIFICATIONS If filled as Research and Development Engineer - Senior Professional, this position requires: Bachelor's Degree - Engineering or Science 14+ years of relevant experience Required Certifications: None If filled as Research and Development Engineer - Advanced Professional, this position requires: Bachelor'