Senior Offensive Threat Researcher Security Clearance

Position: Senior Offensive Threat Researcher with Security Clearance
Overview:
Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation.

For more information about Draper, visit  .

Job Description

Summary:

Draper's Offensive Cyber Security Group is looking for dedicated individuals to develop tailored solutions to meet our DoD and IC Sponsor directives. Our organization's not-for-profit status ensures a capability-driven focus on the United States of America's national interests that allows us to address some of our Nation's most pressing challenges. Due to the variety of USG organizational needs, our technical efforts and opportunities vary from conventional cyber operations enablement tooling to embedded vulnerability research and exploit development on a wide range of devices and systems.

Job Description:

* Assess hardware and software for security vulnerabilities using a breadth of technologies and techniques.

* Develop software that meets behavior and security requirements for tailored applications.

* Integrate software capabilities with other tasks or groups to improve performance or behavior requirements.

* Create new tools and systems to detect and exploit vulnerabilities and system weaknesses.

* Document nominal application and system functionality, in addition to implemented changes.

* Drive solutions to complex problems with limited direction - contribute to requirements. development, propose ways forward, and adapt appropriately to changes in requirements.

* Provides insight and suggest design modifications based on analysis outcomes, and to apply analysis techniques across a range of technical disciplines.

* Identifies program/system-level technical risks and develop and execute mitigation strategies.

* Actively mentor less experienced engineers and provide thoughtful, constructive feedback.

* Curiosity-driven approach to solving complex, customer-driven problems as part of a multi-disciplinary team.

* Collaborate and communicate effectively and openly with multi-disciplinary program team members, program leadership, and non-technical personnel.

* Be a team player able to work in a fast-paced environment with the ability to balance multiple competing tasks and demands. Experience
5-10 years experience in Cybersecurity or related field is required. Additional

Job Description:

Forensics and Anomaly Detection:
* Proficiency with static and dynamic analysis techniques for forensic analysis and anomaly detection

* Proficiency in techniques that prevent reverse engineering and employ obfuscation or diversification.

* Experience conducting in-depth technical threat analysis and research

* Hands-on proficiency with forensic analysis tools such as: FTK Imager, X-Ways, Autopsy, Volatility

* Proficiency in identifying persistence mechanisms, hidden processes, and malicious host-based and network-based activity

* Proficiency in capturing and analyzing memory dumps, network logs, crash reports, and runtime logs from OS and hypervisor environments. Program Analysis, Reverse Engineering, and Vulnerability Research:
* Proficiency with modern program analysis methodologies and techniques

* Reverse-engineering assessment techniques for software, firmware and/or embedded systems

* Hands-on proficiency with reverse engineering tooling such as:
Ghidra, IDA, GDB, RR

* Familiarity with binary file and file system structures and formats

* Familiarity with architectures and assembly: x86, ARM, Hexagon, PowerPC

* Proficiency with core workings of operating systems (user mode, kernel mode, boot processes), particularly in Windows and GNU/Linux

* Familiarity of network stack and internals Languages and Development:
* Proficiency with programming languages such as: C, C++, Python, Java

* Familiarity with scripting languages such as:
Bash, Powershell

* Familiarity in development environments for GNU/Linux or Windows Leadership and Business Development:
* Successful history in authoring technical proposals and documents

* Leadership in advanced R&D initiatives, including government-funded projects

* Leadership of critical programs with more than two full-time staff members

* Proficient in teamwork and communication with diverse audiences Applicants selected for this position must be required to obtain and maintain a government TS/SCI security clearance. Connect With Draper for Future Opportunities! If you don't find the right posting in our Career Opportunities, you may submit your resume for future consideration.

Job Location - City:
Cambridge

Job Location - State:
Massachusetts

Job Location - Postal Code:  The US base salary range for this full-time position is…