REVERSE ENGINEER WITH SECURITY CLEARANCE
Gridiron IT Solutions
Rome NY 13440 US
Reverse Engineer - Mid Location: Rome, NY
Work Type: Onsite
Remote Work: No Job Description
Collaborate with a team of creative problem solvers to test and evaluate systems through a Whitebox adversarial approach for a national agency to support military clients. Assess hardware and software-based systems based on the NIST 800-53 risk management framework (RMF) security controls. Apply specific functional and working or industry knowledge. Develop or contribute to solutions to a variety of problems of moderate scope and complexity, when needed. Provide reverse engineering, static and dynamic binary analysis, and vulnerability analysis of software on a variety of different platforms and operating systems. Write proof-of-concept software that simulates the behavior of analyzed binaries and their interactions with other system components and validate any discovered vulnerabilities. Author technical documentation of research or findings as it relates to all security mechanisms, including access control, encryption, and obfuscation. Basic Qualifications
3+ years of experience with reverse engineering or vulnerability analysis
Experience with Python, C, or C++ programming languages
Experience with embedded device software development and compilers, linkers, and binary code generation process
Experience with static reverse engineering of software binaries, including Ghidra or IDA Pro
Experience with source code analysis
Experience with finding and exploiting vulnerabilities in firmware binaries using static and dynamic reverse engineering techniques
Experience with modern software exploitation techniques, secure boot process, and bootloader design implementation for iOS or Android platforms
Experience with microcontroller security architecture and integrations, including ARM architecture, assembly language, or mobile OS's, such as Android or iOS
Experience with extending or modifying developed exploit chains to devices or microcontrollers
Top Secret clearance
Bachelor's degree in CS, EE, Computer Engineering, Science, Technology, Engineering, or Mathematics Additional Qualifications
Experience in analyzing packet captures with tools, including Wireshark
Knowledge of operating systems and security practices
Knowledge of cryptographic algorithms and protocols
Experience analyzing and executing test plans and procedures
Experience developing or analyzing technical documentation Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required. Compensation and Benefits Salary Range: $80,000-120,000 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.) Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron’s benefits programs. Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status. Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations
Work Type: Onsite
Remote Work: No Job Description
Collaborate with a team of creative problem solvers to test and evaluate systems through a Whitebox adversarial approach for a national agency to support military clients. Assess hardware and software-based systems based on the NIST 800-53 risk management framework (RMF) security controls. Apply specific functional and working or industry knowledge. Develop or contribute to solutions to a variety of problems of moderate scope and complexity, when needed. Provide reverse engineering, static and dynamic binary analysis, and vulnerability analysis of software on a variety of different platforms and operating systems. Write proof-of-concept software that simulates the behavior of analyzed binaries and their interactions with other system components and validate any discovered vulnerabilities. Author technical documentation of research or findings as it relates to all security mechanisms, including access control, encryption, and obfuscation. Basic Qualifications
3+ years of experience with reverse engineering or vulnerability analysis
Experience with Python, C, or C++ programming languages
Experience with embedded device software development and compilers, linkers, and binary code generation process
Experience with static reverse engineering of software binaries, including Ghidra or IDA Pro
Experience with source code analysis
Experience with finding and exploiting vulnerabilities in firmware binaries using static and dynamic reverse engineering techniques
Experience with modern software exploitation techniques, secure boot process, and bootloader design implementation for iOS or Android platforms
Experience with microcontroller security architecture and integrations, including ARM architecture, assembly language, or mobile OS's, such as Android or iOS
Experience with extending or modifying developed exploit chains to devices or microcontrollers
Top Secret clearance
Bachelor's degree in CS, EE, Computer Engineering, Science, Technology, Engineering, or Mathematics Additional Qualifications
Experience in analyzing packet captures with tools, including Wireshark
Knowledge of operating systems and security practices
Knowledge of cryptographic algorithms and protocols
Experience analyzing and executing test plans and procedures
Experience developing or analyzing technical documentation Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required. Compensation and Benefits Salary Range: $80,000-120,000 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.) Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron’s benefits programs. Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status. Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations