Sandia National Laboratories Cyber Red Team & Mobile Security Research (Experienced) in Albuquerque, New Mexico
This posting will be open for application submissions for a minimum of seven (7) calendar days, including the ‘posting date’. Sandia reserves the right to extend the posting date at any time.
Are you passionate about research dedicated to keeping systems safe and thwarting cyber intrusions? Are you dreaming of a chance to develop protective technologies, conduct threat assessments, and analyze government, military, and civilian computer networks? If so, you will want to join our outstanding multidisciplinary team committed to solving the information security challenges facing our nation! As part of Organization 05681, Cyber Systems Security R&D, you will have the opportunity to engage broadly or specialize in work across the technology spectrum including embedded, mobile, desktop, and enterprise systems, as well as globally connected networks of networks.
We are seeking curious minds to join our department in your choice of technical track:
Track 1: mobile security research
Analysis of mobile/cellular infrastructure, including hardware and software
Real-time operating systems (RTOS) and embedded systems, including Internet of Things (IoT)
Android/IOS application security analysis and design
Radiofrequency signal analysis
Track 2: vulnerability analysis, red teaming, and security assessment
Manual and automated reverse engineering, vulnerability assessment, and malware analysis
Intrusion prevention/detection and response, penetration testing, and forensic
Low-level research to support ongoing experimentation and development in OSes, hypervisors, and multiple levels of firmware
Virtualization (system and network) and cloud technologies
The selected candidate will help cultivate relationships, grow existing programs, and develop new programs with both new and existing customers across US government agencies, including the Department of Defense (DoD) and programs inside and outside the National Security Program (NSP). They will also be responsible for collaborating closely with peers and management across the Labs. See https://casa.sandia.gov for more details about our red teaming.
A Master’s degree in Computer Science, Computer Engineering, Electrical Engineering, Mathematics, or a related mathematical field plus one year of experience; or a Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, Mathematics, or a related mathematical field plus five years of experience; or equivalent experience and/or achievements that demonstrate the knowledge, skills, and ability to perform cybersecurity research and development.
The ability to acquire and maintain a DOE Q level security clearance and SCI-level clearance
This list is comprehensive and no one candidate is required to meet all, or even most, of the below desired qualifications. If you don’t meet all the below desired qualifications, that shouldn’t prevent you from applying. We’re still interested in talking to you.
Technical experience areas:
Strong C with a proven understanding of memory (alignment, pointers) and how to make processors perform the memory accesses wanted (or the hardware requires)
Reading/writing assembly (inline or standalone)
Analyzing mobile device software and hardware
RF (radiofrequency) signal analysis
Working at or below the operating system level – Ring 0, EL1+, etc.
Hardware virtualization and hypervisors (at hypervisor level, not administration level)
Assembly or operating system programming, application layer programming, Dev-Ops programming, and/or network layer programming
Reverse engineering, malware analysis, deciphering known and unknown file formats, data structures, and network protocols
Any of the following: network design, implementation, administration, database systems, webservers, application servers, firewalls, network devices, data science/analytics
Auditing code in C/C++, Java, Python, assembly, or other languages
Awareness and understanding of the hardware security vulnerabilities of the past few decades, and an ability to translate those into less technical terms for more general comprehension
Other desired qualifications:
STEM Master's Degree in related field
Well-developed leadership skills and able to prioritize and execute in a principled and focused manner
Strong oral and written communication skills, with the ability to explain sophisticated ideas clearly and concisely
An active SCI-level security clearance
The Cyber Systems Security R&D Department is a forward-looking security risk management team of specialists that analyze existing and future security architectures and technologies, and develop next generation methods and tools to improve the security effectiveness and assurance of our nation's critical systems. We employ systems engineering approaches across a spectrum that covers embedded, wireless, enterprise, and globally connected technologies. Our multidisciplinary R&D security research group includes electrical engineers, computer scientists, network security and engineering specialists, and security risk management thought leaders. Core program areas our teams support include system red teaming, specialized secure software development, and enterprise security risk assessments. We have exciting career opportunities for individuals with a passion to improve the security effectiveness of our nations critical systems and technologies.
Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:
Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
Some of the best tools, equipment, and research facilities in the world
Career advancement and enrichment opportunities
Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)
Generous vacations, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*
World-changing technologies! Life-changing careers! Learn more about Sandia at: http://www.sandia.gov
These benefits vary by job classification.
Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance and SCI access, both of which require US citizenship. SCI access may also require a polygraph examination. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain these levels of access may be impacted.
Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by the DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.