More jobs:
Senior Embedded Vulnerability Researcher
Job in
Reston, Fairfax County, Virginia, 22090, USA
Listed on 2026-06-04
Listing for:
Draper Laboratory
Full Time
position Listed on 2026-06-04
Job specializations:
-
IT/Tech
Cybersecurity, Systems Engineer
Job Description & How to Apply Below
Draper is an independent, nonprofit research and development company headquartered in Cambridge, MA. The 2,000+ employees of Draper tackle important national challenges with a promise of delivering successful and usable solutions. From military defense and space exploration to biomedical engineering, lives often depend on the solutions we provide. Our multidisciplinary teams of engineers and scientists work in a collaborative environment that inspires the cross-fertilization of ideas necessary for true innovation.
For more information about Draper, visit
Job Description
Summary:
Draper's Offensive Cyber Security Group is looking for dedicated individuals to develop tailored solutions to meet our DoD and IC Sponsor directives. Our organization's not-for-profit status ensures a capability-driven focus on the United States of America's national interests that allows us to address some of our Nation's most pressing challenges. Due to the variety of USG organizational needs, our technical efforts and opportunities vary from conventional cyber operations enablement tooling to embedded vulnerability research and exploit development on a wide range of devices and systems.
Job Description:
Duties/Responsibilities
* Assess hardware and software for security vulnerabilities using a breadth of technologies and techniques.
* Develop software that meets behavior and security requirements for tailored applications.
* Integrate software capabilities with other tasks or groups to improve performance or behavior requirements.
* Create new tools and systems to detect and exploit vulnerabilities and system weaknesses.
* Document nominal application and system functionality, in addition to implemented changes.
* Help define the analysis approach for a particular problem and independently execute assignments
* Contribute high quality content for technical reports and presentations with minimal guidance
* Proactively identify needs and concerns associated with design decisions and communicate them to project leadership
Skills/Abilities
* Curiosity-driven approach to solving complex, customer-driven problems as part of a multi-disciplinary team.
* Collaborate and communicate effectively and openly with multi-disciplinary program team members, program leadership, and non-technical personnel.
* Be a team player able to work in a fast-paced environment with the ability to balance multiple competing tasks and demands.
Experience
5-10 years experience in Cybersecurity or related field is required.
Additional
Job Description:
Program Analysis, Reverse Engineering, and Vulnerability Research:
* Proficiency with modern program analysis methodologies and techniques
* Reverse-engineering assessment techniques for firmware or embedded systems
* Familiarity with binary file and file system structures and formats
* Hands-on proficiency with reverse engineering tooling such as:
Ghidra, IDA, GDB, RR
* Hands-on proficiency with physical instrumentation or hardware modification, soldering
* Experience with JTAG/SWD/BDM, and eMMC/NAND/SPI flash data extraction
* Exploitation techniques for embedded devices across platforms and architectures
* Familiarity of network stack and internals
* Familiarity of operating system internals throughout user mode, kernel mode, and during boot processes for at least one of the following: GNU/Linux, RTOS
* Familiarity with architectures and assembly: x86, ARM, Hexagon, PowerPC
Languages and Development:
* Proficiency with programming languages such as: C, C++, Python, Java
* Familiarity with scripting languages such as:
Bash, Powershell
* Familiarity in development environments for GNU/Linux or Windows
Leadership and Business Development:
* Successful history in authoring of technical proposals and documents
* Leadership in advanced R&D initiatives, including government-funded projects
* Leadership of critical programs with more than two full time staff members
* Proficient in teamwork and communication with diverse audiences
Preferred Qualifications:
* Experience with side channel attacks (glitching) to place components and/or devices into altered states to bypass protections.
* Familiarity with custom file system extraction and modification, removal and/or regeneration of OOB/CRC data.
* Familiarity with bus and protocol analysis.
Applicants selected for this position must be required to obtain and maintain a government TS/SCI security clearance.
Connect With Draper for Future Opportunities! If you don't find the right posting in our Career Opportunities, you may submit your resume for future consideration.
Job Location - City:
Cambridge
Job Location - State:
Massachusetts
Job Location - Postal Code:
The US base salary range for this full-time position is
$82,300.00 - $
Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including…
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×