Cyber System Exploitation Engineer
Lexington, MA

Job Description

Our Cyber System Assessments Group performs software and hardware reverse engineering, vulnerability research and discovery, and system exploitation. We develop and prototype cutting-edge capabilities for our operational partners in the U.S. government. We look for, find, and demonstrate cyber vulnerabilities in weapons systems so that vulnerabilities in U.S. systems can be corrected, and vulnerabilities in other systems are better understood.

Our team achieves success through technical excellence in understanding and exploitation of cyber systems, threat modeling, malware, and rapid prototyping of new capabilities. Right, we get to do some serious stuff.

As our Cyber System Exploitation Engineer you will be joining a team of experts developing tools and techniques for software or hardware cyber security or cyber capability development, and software or hardware system reverse engineering and exploitation. You will contribute technical knowledge and apply complex and creative solutions. We define system exploitation as gaining and maintaining unauthorized control over a system. Principal areas of research and development include automated vulnerability discovery, reverse engineering, software protection mechanisms, static analysis and dynamic instrumentation. In this role, you will effectively communicate your research to non-domain experts through writing, public speaking, and hands-on training sessions.

Requirements:

* Master's degree in Computer Science, Computer Engineering or related discipline. In lieu of an M.S. degree, a B.S. degree and 3+ years of directly related experience with demonstrated domain expertise will be considered
* Proficiency in a scripting language, such as Python, and a systems programming language, such as C
* Understanding of an instruction set architecture, operating system design or virtualization platform design

Desired Skills (nice to have a few of these):

* Operating system internals, driver development
* Network protocols, virtualization
* Computer security and vulnerability assessment
* Measurement and metrics
* Debugging using WinDbg or similar tools,
* Static analysis using IDAPro or similar tools
* SAT/SMT solvers, symbolic execution
* Dataflow analysis for compiled binaries
* Binary intermediate representations, binary translation
* Vulnerability discovery and analysis
* Virtualization implementation or instrumentation techniques
* Compiler construction
* Embedded systems firmware reverse engineering
* Anti-debugging or anti-instrumentation techniques and countermeasures and detection thereof

For Benefits Information, click http://hrweb.mit.edu/benefits

MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information;

U.S. citizenship is required.

Requisition ID: 26322