Two Six Technologies is looking to solve complex challenges by building, deploying, and implementing innovative products. The Exploitation Sector specifically needs a Lead Vulnerability Researcher to guide investigations, identify critical vulnerabilities, and develop countermeasures with operational impact for government customers.
Requirements
- Proficiency in C/C++, Python, and at least one ISA (e.g. x86/ARM/MIPS)
- Proficiency in Linux command-line environments
- Experience using a decompiler such as IDA Pro, Binary Ninja, or Ghidra
- Experience using vulnerability research tools such as emulators or fuzzers
- Experience using a software debugger such as GDB or WinDbg
- Experience translating vulnerabilities into operationally relevant impact assessments and countermeasures.
- Experience using a hardware debugger
Responsibilities
- Lead the identification of vulnerabilities and attacks across hardware, software, personnel, logistics, procedures, and physical security.
- Develop proof of concept (PoC) code for identified vulnerabilities
- Reverse-engineer targeted embedded systems to identify vulnerabilities
- Review source code looking for risks and vulnerabilities
- Analyze the effects of vulnerabilities on mission outcomes and operational effectiveness.
- Compare system attack techniques and propose operationally effective countermeasures
- Produce reports, briefings, and perspectives on actual and potential attacks
Other
- Provide technical leadership on research efforts, prioritizing investigations, reviewing methodologies, and overseeing proof-of-concepts.
- Mentor and guide junior engineers and researchers, reviewing technical approaches and fostering skill development.
- Ability to work on-site at Laurel, Maryland customer site regularly.
- Active TS/SCI clearance with Polygraph required
- Experience producing client-facing technical briefings for operational stakeholders
