REDLattice is looking for engineers with security clearances. We are a dynamic company in the midst of amazing growth. Culture and employee happiness is our focus; which is why we sponsor many social events including game nights, CTF's, happy hours and outings. We offer top-notch benefits and employee ownership that makes offers from our company pretty sweet.

We need talented folks who want to work on the forefront of cyber. We aren't talking network defense or basic IT security here. Our positions are mission focused and operational in nature.

Responsibilities

To provide software reverse engineering and vulnerability research expertise as part of a research team based in Melbourne, FL.

This role is focused on custom solutions that allow exploitation of mobile and embedded devices as part of a team developers, reverse engineers and exploitation specialists. The candidates will need to have experience of binary reverse engineering and software exploit discovery and exploitation.

Required Qualifications

• Formal degree in Computer Science or Computer Engineering, or another related field.
• Minimum of 5+ years in IT application development with strong understanding and experience in software security programming, and 2+ years in Vulnerability Research / Reverse Engineering and must be comfortable working in an extreme agile environment with frequent course changes.
• Experience using IDA Pro to determine how an application works and processes data. This could include x86, ARM, ARM64 etc.
• Experience identifying and exploiting zero days including memory corruption bugs for example stack overflows, heap overflows, integer overflows, logical flaws.
• Experience with mitigation (ASLR, Stack cookies, non-executable memory) to deter exploitation and how can they be bypassed.
• File format reverse engineering - Experience determining how files are structured, understanding the standard methods for encoding data from Base64 to ASN1.
• Understand how symmetrical and asymmetrical encryption works, certificate chain of trust, crypto weaknesses etc.
• Knowledge of how IP/Serial based protocols work and how to reverse their format including checksums, MACs, encoding formats, HTTP, XML etc.
• Experience of writing and running fuzzers, understanding of the differences between dumb and more intelligent fuzzers, and how Reverse Engineering feeds the process.
• Ability to quickly write programs to accomplish point solutions in languages like Python, C, C++, C#, PHP and java.
• Ability to review C/C++ source code for vulnerabilities.
• Understanding of how operating systems function from user interface code through to the kernel.
• Experience programming Android applications and securing the operating system and applications.
• Experience developing forensic tools to support mission requirements from the output the vulnerability research
• Possession of an active US security clearance

REDLattice Inc. is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.

Disclaimer:

This job description indicates in general the nature and levels of work, knowledge, skills, abilities and other essential functions (as covered under the Americans with Disabilities Act) expected of an incumbent. It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of an incumbent. An incumbent may be asked to perform other duties as required.