Vulnerability Researcher/Reverse Engineer

Vulnerability Researcher/Reverse Engineer

Location: JBSA - Lackland, TX (On-site)

Security Clearance: TS SCI

Salary: $130,000 - $200,000

Ring0 Technologies ("Ring Zero") iis looking for an experienced Vulnerability Researcher/Reverse Engineer to analyze and/or reverse engineer the behavior of potentially malicious code using both static and dynamic tools and techniques and conduct detection and analysis of malware and malware communication techniques in support of a cyber investigations/counterintelligence agency. A successful candidate will research for the purposes of finding new vulnerabilities and enhance existing capabilities.

• Collect and maintain a catalog of malware for retroactive analysis.
• Conduct detection and analysis of malware and malware communication techniques.
• Conduct research for the purposes of finding new vulnerabilities and enhance existing capabilities.
• Use various websites and YARA signatures and provide reports on active cyber threats and their location on the web – find threats, provide invaluable information on adversary’s TTPs and recommendations on how to proceed.
• Analyze and/or reverse engineer the behavior of potentially malicious code using both static and dynamic tools and techniques – author technical reports of findings.
• Participate in the development of R&D prototypes.
• Identify potential operational opportunities while conducting reverse engineering actions.
• Solve challenging problems in the realm of vulnerability analysis and exploitation.

Responsibilities include:

• Work within a team environment.
• Knowledgeable of evolving trends in offensive and defensive cyber tools, tactics, and procedures .
• Apply reverse engineering techniques to identify cyber tradecraft and enable capability implementation.
• Collaborate with other developers, testers, and system engineers to ensure quality product deliverables.
• Write clean, maintainable code following best practices (unit testing, source control, continuous integration, automation, design patterns, etc.).
• Program and debug low-level code and troubleshoot problems.
• Resolve customer requirements and propose solutions for software modifications and enhancements.
• Follow Agile Scrum methodology.

Required Technical Skills

• Proficiency in one or more programming or scripting languages such as C, C++, Java, Assembly, Python, Perl, Ruby, Bash, Node.js, Spark, Puppet, SALT, KAFKA, HADOOP, etc
• Demonstrated competency with disassemblers/decompilers such as IDA Pro, Ghidra, Radare, or Binary Ninja.
• Ability to write custom tools to aid in deeper analysis of a sample, such as lifting/executing target code using software-based CPU emulators, decoding custom network protocols, and emulating false C2.
• Strong aptitude with software debuggers using tools such as WinDbg, OllyDbg, ImmunityDbg, x64 Debugger, GDB, KGDB, NTSD, IDA Debugger, or other similar tools.
• In-depth knowledge of x86/64, ARM and MIPS instruction sets and architectures and MZ/PE, ELF, APK, and IPS file formats.
• 5-7 years of reverse engineering experience within the last five years, and at least six years of malware analysis, technical analysis, military intelligence, DNI, or SIGINT experience.

Desirable Skill

• Bachelor’s or master’s degree in Computer Science, Software Engineering, Cybersecurity, or related discipline from an accredited institution in addition to the required experience.
• Certifications such as SANS GREM, GCFA; IACRB CREA; eLearn Security eCRE; Offensive Security OSCE, OSEE, or other similar technical certifications.
• Proficiency in three or more of the above programming or scripting languages