Reverse Engineer Researcher

A bout the role

The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.

The CERT Division of the Software Engineering Institute (SEI) is seeking an applicant for the role of a Reverse Engineer Researcher for the Threat Analysis directorate. The SEI is a federally funded research and development center at Carnegie Mellon University.

What you'll do

• Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats, and effectively participate in the broader security community

• Perform in-depth reverse engineering of malicious code, document and transition results in reports, presentations, and technical exchanges

• Explore ways to use artificial intelligence to support of reverse engineering and apply reverse engineering practices to artificial intelligence systems

• Design, prototype, and transition new analysis methods and tools

• Identify and document emerging and complex active security threats

• Participate in the broader security community through collaboration, papers, and presentations

Who you are

• You have BS in Computer Science or related discipline with eight (8) years of experience; OR MS in the same fields with five (5) years of experience; OR PhD in the same fields with two (2) years of experience.

• You enjoy working on emerging and complex malware analysis and reverse engineering problems .

• You have an analytical mindset and deep curiosity about how software works .

• You have the a bility to balance rapid prototyping with maintainable tool development .

• You have strong technical writing experience .

• You recognize and deal appropriately with confidential and sensitive information .

• You are able to handle continual shifting priorit ies .

• You enjoy mentoring and training others as well as sharing knowledge .

• You communicate effectively with technical and non-technical audiences .

• You have a willingness to travel to various locations to support the SEI's overall mission This includes sponsor sites, conferences, and offsite meetings on occasion. Moderate Travel (15%)

• You will be subject to a background check and obtain and maintain an active Department of Defense security clearance

You have experience with or knowledge of

• Reverse engineering software binaries for a variety of architectures , both at the user level and kernel level

• Static analysis tools ( e.g. IDA Pro, NSA Ghidra , Binary Ninja )

• U ser-level and kernel-level debuggers ( e.g. x32dbg, x64dbg, gdb , WinDbg )

• N ative programming languages ( e.g. C/C++).

• High-level programming languages ( e.g. Java, Python, GoLang , etc.)

• Software engineering and design concepts

• Firmware and d evice driver development

• M alware tradecraft and threat actor tactics, techniques, and procedures (TTPs)

• M alware signature creation and use, independent of detection technology

• Operating system concepts and internals and binary file formats ( e.g. PE, ELF, Mach-O, etc.)

• Internet Protocols and network analysis tools ( e.g. Wireshark, netcat , etc. )

• C ompiler theory, cryptography, and malware deobfuscation techniques.

• Mobile device development and reverse engineering

• M alware sandbox es or instrumentation frameworks (e.g., Frida, QEMU, Unicorn Engine).

• General understanding and experience in artificial intelligence and m achine l earning and using artificial intelligence to support reverse engineering and malware analysis

Why work here?

• Join a world-class organization that has significant impact on software

• Work with cutting edge technologies and experts to solve tough problems for the government and the nation

• Get 8% monthly contribution for your retirement, without having to contribute yourself

• Get tuition benefits to CMU and other institutions for you andyour dependent children

• Enjoy a healthy work/life balance withflexible work arrangements and paid parental and military leave

• Get access to university resources including mindfulness programs, childcare and back-up care benefits, a monthly transit benefit on WMATA, free transportation on the Pittsburgh Regional Transit System

• Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies

• Qualify for relocation assistance and so much more

Location
Arlington, VA, Pittsburgh, PA
Job Function
Software/Applications Development/Engineering
Position Type
Staff - Regular
Full time/Part time
Full time
Pay Basis
Salary
More Information:

• Please visit " Why Carnegie Mellon " to learn more about becoming part of an institution inspiring innovations that change the world.
• Click here to view a listing of employee benefits
• Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran .
• Statement of Assurance