Cyber System Exploitation Researcher

Date: Jun 16, 2019

Location: MA, US

Company: MIT Lincoln Laboratory

Our Cyber System Assessments Group performs software and hardware reverse engineering, vulnerability research and discovery, and system exploitation. We develop and prototype cutting-edge capabilities for our operational partners in the U.S. government. We look for, find, and demonstrate cyber vulnerabilities in weapons systems so that vulnerabilities in U.S. systems can be corrected, and vulnerabilities in other systems are better understood.

 

Our team achieves success through technical excellence in understanding and exploitation of cyber systems, threat modeling, malware, and rapid prototyping of new capabilities. Right, we get to do some serious stuff.

 

When you join us as our Cyber System Exploitation Researcher, you'll be on a team of experts developing tools and techniques for software or hardware cyber security or cyber capability development. You'll get to work with software or hardware system reverse engineering and exploitation, and you will solve broad technical problems to develop new ideas and approaches to executable programs.  We define system exploitation as gaining and maintaining unauthorized control over a system.

 

Principal areas of research you'd be involved with could include:

  • cyber tool development and system analysis of offensive or defensive cyber tools and systems
  • automated vulnerability discovery
  • reverse engineering
  • software protection mechanisms
  • static analysis and dynamic instrumentation.

 

Once you're on our team, you'll be active in communicating your research to non-domain experts through your writing, public presentations, and hands-on training sessions you'll be leading.  You'll also be mentoring other team members.

 

Requirements:

 

  • PhD in Computer Science, Computer Engineering or related discipline. In lieu of a PhD, an M.S. degree and 3+ years or a B.S. degree and 6+ years of directly related experience with demonstrated domain expertise will be considered.
  • Proficient skill in programming a high level language, such as Java
  • Demonstrated experience with scripting languages, such as Python
  • Strong systems programming language capabilities, such as C
  • Understanding of an instruction set architecture, operating system design or virtualization platform design

 

Desired Skills (nice to have a few of these):

 

  • Operating system internals, driver development
  • Network protocols, virtualization
  • Computer security, vulnerability assessment
  • Measurement and metrics
  • Debugging using WinDbg or similar tools
  • Static analysis using IDAPro or similar tools
  • SAT/SMT solvers
  • Symbolic execution
  • Dataflow analysis for compiled binaries
  • Binary intermediate representations and/or binary translation
  • Vulnerability discovery and analysis
  • Virtualization implementation or instrumentation techniques
  • Compiler construction
  • Embedded systems firmware reverse engineering
  • Anti-debugging or anti-instrumentation techniques and countermeasures and detection thereof

 

Requisition ID: 26246 

For Benefits Information, click http://hrweb.mit.edu/benefits

 

MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.


Job Segment: Engineer, Firmware, Embedded, Computer Science, Instrumentation, Engineering, Technology