Vulnerability Researcher

APPLICATION INSTRUCTIONS

CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student): login to Workday to complete the internal application process. Please do not apply here; apply internally through Workday.

CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State: login to Workday to complete the student application process. Please do not apply here; apply internally through Workday.

IF YOU ARE NOT A CURRENT EMPLOYEE OR STUDENT: click "Apply" and complete the application process for external applicants.

Approval of remote and hybrid work is not guaranteed regardless of work location. For additional information on remote work at Penn State, see Notice to Out of State Applicants.

We are searching for a self‑motivated Vulnerability Researcher to join our Cyberspace Operations Research Department at the Applied Research Laboratory (ARL) at Penn State University. ARL/Penn State’s purpose is to develop innovative solutions to challenging national problems in support of the Navy, DoD, and Intel communities’ engineering and technology needs. The Cyberspace Operations Research Department provides technical expertise in adversarial tactics, techniques, and procedures (TTPs) to support system evaluation and provide security hardening support to various sponsors.

ARL is an authorized DoD Skill Bridge partner and welcomes all transitioning military members to apply.

• Research cutting‑edge techniques and technologies for system exploitation
• Leverage expertise in reverse engineering, vulnerability research, and software development to address established needs and investigate solutions to emerging requirements
• Apply software engineering best practices to create proof‑of‑concept tools and configure test environments to perform demonstrations to sponsors and partners
• Assist the Cyberspace Operations Research Department Head in maintaining relationships with sponsors through on‑site technical discussions, preparation and presentation of technical materials, and project‑related correspondence
• Provide process enhancement for technical functionality evaluation, vulnerability analyses, cyberspace operations engineering, and penetration testing projects
• Apply project management principles and methods to the leadership of tasks or projects
• Provide guidance to lower‑level engineers to foster professional growth

• Understand broad strategic objectives and contribute to them; nurture and maintain relationships with major customers/grantors of external research and development grant funding
• Identify grant/project follow‑on work and persuade customers/grantors to fund; influence customer decisions and strategies
• Initiate new project concepts and seek funding; develop technical proposals and make presentations to customers/grant sponsors
• Mentor department staff in the development of technical, project, and business development skills

• Documented application of reverse engineering and vulnerability testing tools (e.g., Ghidra/IDA, Kali Linux, Angr/AFL++, QEMU/Unicorn, etc.)
• Reverse engineering, vulnerability research, malware analysis, and/or CNO tool development
• Computer networking fundamentals, Windows and
  * NIX operating systems, X86(64) and ARM or MIPS architectures
• Cyber operations architecture and software engineering practices
• Software programming, programming languages, and development environments (to include at a minimum C, Java, or Python)
• Ability to express technical information clearly and concisely in documents and presentations for senior leaders to successfully comprehend and leverage for decision making
• Active government security clearance at TS/SCI level with eligibility for special accesses

• Cybersecurity exploit development and test environment configuration
• Cybersecurity penetration testing / cybersecurity Red Team testing / white hat hacking
• Military cyberspace operations or computer network operations
• Demonstrated history of successful project initiation efforts
• Agile software development…