Sandia National Laboratories R&D Software Analysis for Cybersecurity (Early/Mid-Career) in Albuquerque, New Mexico
Increasingly, national security questions are becoming questions about how software systems function. To achieve national security missions, many government agencies seek to reverse engineer, analyze, and answer questions about software systems in a variety of forms from source code to binaries across a range of architectures. The rate at which software is growing in size and complexity means that traditional methods of manual software analysis will not keep pace with national security demands. As a Federally-Funded Research and Development Center (FFRDC), Sandia National Laboratories is seeking to address this problem by growing our expertise in applied software analysis researchers to advance the state of the art in software analysis and program understanding.
Are you passionate about improving our nation's security? Do you dream of utilizing your expertise to craft creative solutions that will advance the latest software security technologies? If so, you will want to consider applying for this opportunity.
On any given day, you may be called on to:
- Seek creative solutions to hard software analysis problems by adapting, leveraging, and integrating existing tools to build analysis systems that are stronger than their parts
- Engage with experts in other domains, including graph analytics, statistics, machine learning, human factors, visualization, high-performance computing, and more.
- Apply external cutting-edge research to create practical tools and pursue our own research as well
- Explore both static and dynamic software analysis techniques to analyze software
- Evaluate existing tools and approaches in detail to understand their strengths and weaknesses when applied to real-world national security applications.
- Seek an effective balance between automation and the human analyst
- Develop useful, practical automation inspired by your experiences with manual reverse engineering
- Travel domestically and internationally to support current efforts and identify new opportunities for growing our capabilities and impact
When applying to this requisition, you may be interviewed and/or hired by one of several computer science-focused organizations.
- Master’s degree or doctorate in a related discipline; or Bachelor’s degree in a related discipline plus 4 years’ experience; or 12 years’ experience
- Ability to obtain/maintain a DOE Q security clearance and a DOE SCI security clearance, and willingness to take a polygraph exam if requested
- Degree(s) in Computer Science/Engineering, Mathematics, Statistics, or other closely related STEM field
- Experience or training in one or more of the following areas: control/data-flow analysis, symbolic execution, taint analysis, abstract interpretation, pointer analysis, heap/shape analysis, program slicing, dynamic instrumentation, compiler optimizations, Hoare logic, software model checking, formal analysis/verification of software, programming language theory, or similar
- Practical, hands-on experience developing or adapting program analysis techniques
- Experience in conducting research resulting in innovative technical solutions
- Experience with type-safe languages (e.g., OCaml, Scala, Haskell)
- Experience with various program representations, including assembly (e.g. ARM, MIPS, PowerPC, 8051, x86), intermediate representations, graph-based representations, or higher semantic representations
- Experience using analysis, reverse engineering, and debugging tools (e.g., angr, BAP, IDA Pro, Binary Ninja, gdb, Hopper, libVMI, lldb, LLVM sanitizer, otool, objdump, PINtools, or windbg)
- Demonstrated ability to develop technical ideas and results and present them in oral and written form
- Curiosity about systems and how they really work under the hood
- Ability to thrive in a high-energy, team-based environment
- Aptitude and desire to lead (technical leader, project leader, program leader, mentor, or educator)
- Active DOE clearance OR equivalent US government security clearance
The Information Operations program consists of approximately 200 R&D technical staff working in most of the subdomains encompassed by the term “cybersecurity”.
Our technical backgrounds are diverse. Some of us have spent years focusing on the fine details of particular technologies and are recognized as nation-level experts. Some of us are generalists and move from project to project—keeping things connected and developing new skills.
Specialists and generalists work together—neither is more important than the other, and it is easy to shift between project and technical roles over time. Our researchers are expected to work with significant autonomy.
Our teams strive to push forward and dramatically impact both the R&D and customer missions. We accept that high-risk projects sometimes fail.
If this environment sounds appealing, you would excel here.
Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:
- Challenging work withamazingimpact that contributes to security, peace, and freedom worldwide
- Extraordinary co-workers
- Some of the best tools, equipment, and research facilities in the world
- Career advancement and enrichment opportunities
- Flexible schedules, generous vacations,strongmedical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*
World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov
*These benefits vary by job classification.
Position requires SCI access.
Position requires a Department of Energy (DOE) Q-level security clearance and SCI access. SCI access may require a polygraph examination.
Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment must be able to obtain and maintain a DOE Q-level security clearance and SCI access, both of which require US citizenship. SCI access may also require a polygraph examination. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain these levels of access may be impacted.
Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by the DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.