Two Six Technologies is looking for a Principal Vulnerability Researcher to provide strategic technical leadership in vulnerability research across hardware, software, and operational domains, identify vulnerabilities, assess operational impacts, and develop effective countermeasures to support government customers with advanced security solutions.
Requirements
- Proficiency in C/C++, Python, and at least one ISA (e.g. x86/ARM/MIPS)
- Proficiency in Linux command-line environments
- Experience using a decompiler such as IDA Pro, Binary Ninja, or Ghidra
- Experience using vulnerability research tools such as emulators or fuzzers
- Experience using a software debugger such as GDB or WinDbg
- Experience translating vulnerabilities into operationally relevant impact assessments and countermeasures.
- Experience using a hardware debugger
Responsibilities
- Lead the identification of vulnerabilities and attacks across hardware, software, personnel, logistics, procedures, and physical security, linking them to operational and mission impacts.
- Identify vulnerabilities and potential attacks across hardware, software, procedures, logistics, and physical security of systems
- Develop proof of concept (PoC) code for identified vulnerabilities
- Reverse-engineer targeted embedded systems to identify vulnerabilities
- Review source code looking for risks and vulnerabilities
- Analyze the effects of vulnerabilities on mission outcomes and operational effectiveness.
- Compare system attack techniques and propose operationally effective countermeasures
Other
- This role requires regular on-site support at the Laurel, Maryland customer site.
- Produce reports, briefings, and perspectives on actual and potential attacks
- Provide technical leadership on research efforts, prioritizing investigations, reviewing methodologies, and overseeing proof-of-concepts.
- Mentor and guide junior engineers and researchers, reviewing technical approaches and fostering skill development.
- Active TS/SCI clearance with Polygraph required
