[Close] 

Vulnerability Researcher

Vulnerability Researcher
Location:
Centreville, Virginia, United States
Requisition #:
52157
Post Date:
Reverse Engineer
Job ID TBD
Reverse Engineer
Opportunity
Do you like new challenges every day? Do you thrive in dynamic real-time situations? We?re looking for smart creative problem solvers to work with our customers in an operational environment creating software tools that meet critical national security needs and make the world a safer place. We need reverse engineers who can analyze a variety of binary software products, environments and programming languages/frameworks/platforms (Windows, MAC OS, iOS, Android) You will be an integral member of a highly-skilled and dynamic team that developing state of the art full spectrum cyber capabilities. Responsibilities include analyzing and deconstructing software applications and protocols, identifying potential attack vectors of all types on all platforms, triage, categorization, and analysis of discovered vulnerabilities and development of proof of concept (PoC) code. At Parsons, we specialize in solving complex problems on a daily basis. We have a roster including some of the best and the brightest in the industry, and we provide a great place to grow your career.
Qualifications
Required Qualifications:
? 5 years overall engineering experience with 2 yrs of Vulnerability research and/or Reverse engineering.
?U.S. citizenship is required.
?Active Top Secret Security Clearance with SCI eligibility
Desired Experience:
? Software reverse engineering ? Experience using IDA Pro to determine how an application works and processes data. This could include x86, ARM, ARM64 etc.
? Experience identifying zero days including memory corruption bugs for example stack overflows, heap overflows, integer overflows, logical flaws.
? Experience with mitigation techniques (ASLR, Stack cookies, non-executable memory).
? File format reverse engineering ? Experience determining how files are structured, understanding the standard methods for encoding data from Base64 to ASN1.
? Encryption - A good understand of how symmetrical and asymmetrical encryption works, certificate chain of trust, crypto weaknesses etc.
? Protocol Analysis - Knowledge of how IP/Serial based protocols work and how to reverse their format including checksums, MACs, encoding formats, HTTP, XML etc.
? Fuzzing - Experience of writing and running fuzzers, understanding of the differences between dumb and more intelligent fuzzers, and how reverse engineering feeds the process.
? Coding - The ability to quickly write programs to accomplish point solutions in languages like Python, C, C++, C#, PHP.
? Code Review - The ability to review source code to identify bugs and vulnerabilities.
? Operating Systems Architecture - Knowledge of how operating systems work from ?user land? code right through to the kernel.
Applicants selected for employment will be subject to a Federal background investigation and must meet additional eligibility requirements for access to classified information or materials.
_Parsons is a digitally enabled solutions provider focused on the defense, security, and infrastructure markets. With nearly 75 years of experience, Parsons is uniquely qualified to deliver cyber/converged security, technology-based intellectual property, and other innovative services to federal, regional, and local government agencies, as well as to private industrial customers worldwide._
_Parsons is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBT._
_For more about Parsons, visit_ _parsons.com_ _and follow us on_ _Facebook_ _,_ _Twitter_ _,_ _LinkedIn_ _, and_ _._
Parsons is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBT
Parsons is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regards to an individual's race, color, religion, national origin, ethnicity, union affiliation, age, sex, sexual orientation, gender identity and expression, pregnancy, employable physical or mental disability, veteran status, genetic information, immigration status, or any other basis protected by applicable laws.


Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Software Engineer, Cyber Vulnerability Researc...
Herndon, VA Lockheed Martin Corporation
Software Vulnerability Researcher
Quantico, VA ManTech International Corporation
Senior Software Vulnerability Researcher
Quantico, VA ManTech International Corporation
Senior Software Vulnerability Researcher
Quantico, VA ManTech International Corporation
Software Vulnerability Researcher
Vienna, VA ManTech International Corporation
Cyber Vulnerability Researcher
Chantilly, VA L3 Technologies