Sandia National Laboratories Reverse Engineer & Vulnerability Researcher (Early/Mid-Career) in Albuquerque, New Mexico
This posting will be open for application submissions for a minimum of seven (7) calendar days, including the ‘posting date’. Sandia reserves the right to extend the posting date at any time.
The Threat Intelligence Center at Sandia National Labs is seeking cybersecurity professionals who are curious about systems and how they really work under the hood to join hardworking, high-energy teams that are analyzing non-traditional cyber systems for vulnerabilities and threats.
Are you passionate about analyzing systems at the interface between hardware and software? Do you want to apply your knowledge of computer architecture, operating system internals, common exploitation paths, and modern mitigation techniques in the use of fuzzing, debugging, and decompiling tools for static and dynamic analysis of source code and binaries?
Do you excel at identifying system vulnerabilities and crafting proof-of-concept exploits and accompanying mitigations to enable the defense of systems vital to national security? If so, you will want to consider applying for this opportunity.
To support Sandia's national security missions, our cybersecurity scientists and engineers engage in a variety of research areas including:
Manual and automated reverse engineering, vulnerability assessment, and malware analysis
Network operation, information protection, and resiliency
Authentication and authorization
Modeling, simulation, and emulation
Hardware/software trust and assurance
Real-time operating systems (RTOS) and embedded systems, including Internet of Things (IoT)
Virtualization (system and network) and cloud technologies
Mobile devices and smart technologies
Bachelor’s degree in relevant field plus five or more years of experience; or equivalent experience and/or achievements that demonstrate the knowledge, skills and ability to perform the duties of the job
Experience in one or more of the following: reverse engineering; vulnerability assessments; malware analysis; operating systems internals and development (Windows, MacOS, Linux, Android, iOS); computer architecture
Experience with programming languages (e.g., C, C++, Java, Go)
Experience with at least one assembly language (e.g., ARM, MIPS, PowerPC, 8051, x86, x64)
Degree(s) in Computer Science/Engineering, Electrical Engineering, Computer Information Systems, Computer Forensics, or Mathematics
Experience conducting research resulting in creative technical solutions
Experience in reverse engineering, malware analysis, formal methods, deciphering known and unknown file formats, data structures, and network protocols
Experience with one or more of the following: network design, implementation, administration, database systems, webservers, application servers, firewalls, network devices, data science/analytics
Experience auditing code in C/C++, Java, Python, assembly, or other languages
Strong analytical skills
Familiarity with secure-system design principles and information assurance principles
Well-developed leadership skills with the ability to prioritize and execute in a disciplined and focused manner
Strong Software Engineering skills to develop tools in support of vulnerability research
Strong oral and written communication skills, ability to explain complex ideas clearly and concisely
Active DOE Q or DOD TS security clearance and active SCI security clearance
The Information Operations program consists of approximately 200 R&D technical staff working in most of the subdomains of cybersecurity. We are passionate about by our sponsors’ mission and motivated by our teams’ significant national security impacts. Our sponsors’ needs and future technological challenges drive us to push the boundaries of what is possible. We do long-range academically oriented research, quick-turn mission-oriented product development, and everything in between.
Our forward-looking team of specialists that analyze existing and future security architectures and technologies and develop next generation methods and tools to improve the security efficiency and assurance of our nation's critical systems. We employ systems engineering approaches across a spectrum that covers embedded, wireless, enterprise, and globally connected technologies. Our multidisciplinary R&D security research group includes electrical engineers, computer scientists, network security and engineering specialists, and security risk management leaders. We have exciting career opportunities for individuals with a passion to improve the security efficiency of our nation's critical systems and technologies.
Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:
Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
Some of the best tools, equipment, and research facilities in the world
Career advancement and enrichment opportunities
Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)
Generous vacations, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*
World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov
These benefits vary by job classification.
Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance and SCI access, both of which require US citizenship. SCI access may also require a polygraph examination. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain these levels of access may be impacted.
Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by the DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.