Senior Specialist, Security Software Research Engineer

L3HHCM20•Washington, DC

7d•Remote

About The Position

L3Harris has an immediate opening for a Senior Specialist, Security Software Research Engineer with our security group, Trenchant. Trenchant is responsible for devising and implementing a sophisticated commercial cyber toolkit. Our teams are comprised of elite security researchers and former intelligence professionals with a fixation on realizing mission outcomes. We are pursuing top-tier senior security researching talent with experience across a host of technologies and paradigms. Our researchers, engineers and specialists work on tight-knit interdisciplinary teams. These teams generate thoughtful capability designs and incremental feature releases that reliably deliver cyber solutions into operational environments. Our business unit offers an exceptional value-proposition for individuals looking to make an impact. Trenchant is an elite global team of engineers and security researchers charged with building world-class computer security products. Trenchant’s expertise is the by-product of the L3Harris acquisition of two highly-regarded information security businesses – Azimuth Security and Linchpin Labs. United under Trenchant, we are a key component of L3Harris’ Intelligence and Cyber International Division. We are a trusted, discrete partner furnishing security products, consultancy, training and integration services to allied security, defense, and law enforcement agencies.

Requirements

Bachelor’s Degree and minimum 6 years of prior relevant experience. Graduate Degree and a minimum of 4 years of prior related experience. In lieu of a degree, minimum of 10 years of prior related experience.

Nice To Haves

5+ years of Vulnerability Research, reverse engineering, and bug-hunting.
Experience with static and dynamic binary analysis.
Experience with iOS, Android, Windows, Linux, or embedded systems. kernel, user land, and internals or browser internals.
Experience with common tools in security research (e.g. IdaPro, Ghidra, Radare, Binary Ninja, AFL, SysInternals, GDB, WinDBG, etc).
Experience with common programming languages (e.g. C/C++, Python, Swift, etc).
Experience with common architectures (e.g. x86/64, ARM, AARCH64, MIPS, PowerPC, TILEGX, etc).
Experience with modern security system features, exploit mitigations, and evasion techniques (e.g. defeating ASLR, DEP, Control Flow Guard, ROP, Security Product/AV Evasion, etc).
Experience with a wide-range of modern exploitation concepts and techniques.
Service in the US Intelligence Community or US Military working in cyber operations.
Experience with Computer Network Operations / Computer Network Exploitation.
Experience with symbolic execution and emulation software (e.g. QEMU, Corellium, VHDL, etc).
Cryptographic experience (e.g. side-channel attacks, implementing AES, etc).
Experience teaching and mentoring junior vulnerability researchers.
Bespoke fuzzer development experience.

Responsibilities

Finding vulnerabilities in ubiquitous Internet-deployed software and/or popular devices’ software or firmware.
Constructing exploits for vulnerabilities discovered by the company.
Research & development on security technologies in such fields as exploitation, bug-finding, reverse engineering and static analysis.
Working with and for officers, employees or contractors of the company.
Training, management and provision of guidance to junior staff.
Regular interaction with managers, clients, vendors, and customers to field queries and questions.
Ability to obtain a DoD security clearance.
Take an active role in cross-team projects when needed.