The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.
The CERT Division of the Software Engineering Institute (SEI) is seeking an applicant for the role of a Reverse Engineer Researcher for the Threat Analysis directorate. The SEI is a federally funded research and development center at Carnegie Mellon University.
What you'll do
Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats, and effectively participate in the broader security community
Perform in-depth reverse engineering of malicious code, document and transition results in reports, presentations, and technical exchanges
Design, prototype, and transition new analysis methods and tools
Identify and document high-impact, emerging, and complex active security threats
Participate in the broader security community through collaboration, papers, and presentations
Who you are
You have strong technical writing experience
You recognize and deal appropriately with confidential and sensitive information
You are able to handle continual shifting priorities
You enjoy mentoring and training others as well as sharing knowledge
You communicate effectively with technical and non-technical audiences
You have BS in Computer Science or related discipline with eight (8) years of experience; OR MS in the same fields with five (5) years of experience; OR PhD in the same fields with two (2) years of experience
You have a willingness to travel to various locations to support the SEI's overall mission This includes sponsor sites, conferences, and offsite meetings on occasion. Moderate Travel (15%)
You will be subject to a background check and obtain and maintain an active Department of Defense security clearance
You have experience with or knowledge of
Reverse engineering software binaries
Using disassemblers and decompilers (e.g. IDA Pro, NSA Ghidra)
Using debuggers (e.g. x32dbg, x64dbg, gdb, WinDbg)
Using hex editors and binary analysis similar tools
Good knowledge of C/C++, low-level programming, and computer architecture
Python or Java development
Familiarity with common assembly languages (Intel x86, Intel x64, ARM, etc.)
Understanding of binary file formats (PE, ELF, Mach-O).
Solid understanding of programming languages and operating system concepts
Signature development independent of detection technology
Developing extensions or scripts for reverse engineering tools
Operating system APIs and security models
Internet Protocols and network analysis tools (e.g. Wireshark, netcat, and others)
Device driver development
Mobile device development and reverse engineering
VirtualBox or VMWare admin or development
Build hardware / hardware emulation environments suitable for developing/validating UEFI and other firmware exploits
General understanding and experience in Machine Learning
Why work here?
Join a world-class organization that has significant impact on software
Work with cutting edge technologies and experts to solve tough problems for the government and the nation
Get 8% monthly contribution for your retirement, without having to contribute yourself
Get tuition benefits to CMU and other institutions for you and your dependent children
Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave
Get access to university resources including mindfulness programs, childcare and back-up care benefits, a monthly transit benefit on WMATA, free transportation on the Pittsburgh Regional Transit System
Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies
Qualify for relocation assistance and so much more
CMU's COVID-19 Vaccination Requirements: As a condition of employment, Carnegie Mellon University requires all staff and faculty working in the United States to be fully vaccinated, including a booster when eligible, against COVID-19. Prior to commencement of employment, new hires in the United States must provide proof of vaccination or obtain an approved exemption. (Exemptions may be requested for medical reasons or for religious or strong moral or ethical conviction.) Staff and faculty must comply with all applicable COVID-19 mitigation requirements. Please see Minimum Requirements to Return to Campus for details regarding the university's current COVID-19 mitigation requirements.
Staff - Regular
Full Time/Part time
Please visit "Why Carnegie Mellon" to learn more about becoming part of an institution inspiring innovations that change the world.
Carnegie Mellon (www.cmu.edu) is a private, internationally ranked research university with programs in areas ranging from science, technology and business, to public policy, the humanities and the arts. More than 12,000 students in the university’s seven schools and colleges benefit from a small student-to-faculty ratio and an education characterized by its focus on creating and implementing solutions for real problems, interdisciplinary collaboration and innovation. A global university, Carnegie Mellon’s main campus in the United States is in Pittsburgh, Pa. It has campuses in California’s Silicon Valley and Qatar, and programs in Africa, Asia, Australia, Europe and Mexico.