Software Reverse Engineer
 

Location: Bethesda, MD

Clearance Requirement: TS/SCI

Position Summary:

• Isolate, review, analyze, reverse-engineer, and modify malicious and non-malicious programs and applications
• Write and produce technical reports related to the scope, nature, and characteristics of the assessed software and applications suitable for distribution to both technical and non-technical audiences
• Work deep within the boot-process kernel and system internals using tools like IDA Pro, debuggers, and in-target probes to research the behavior of binaries
• Analyze software and firmware using reverse engineering techniques to understand security vulnerabilities, working closely with teammates who value innovation and execution
• Share knowledge by clearly articulation ideas through papers and presentation to technical staff, management and Government decision makers
• With COR approval, participate in working groups, sponsor meetings, proposal writing and conferences
• Provide detailed understanding of how various software-based attacks work at the memory and register level
•Perform in-depth analysis (dynamic/static) on malicious software (ie: bots, worms, trojans) resident on Microsoft Windows and Linux-based platforms to provide actionable intelligence and, as appropriate, provide remediation recommendations
• Analyze, disassemble and reverse engineer software binaries; document and transition results in reports, presentations and technical exchanges
• Design, prototype, document, test and transition code analysis methods and tools appropriate for operational use
• Proactively identify, define and advocate reverse engineering and analysis processes, approaches, and concepts to enhance/improve technical exploitation efforts
• Adequately explain, present, demonstrate (when applicable) and document the operational impact of a particular vulnerability
• Identify, define, determine origin and report on malware and other select software found on media of interest

Requirements:
 

• Advanced/Expert experience with reverse engineering and network security tools, including IDA Pro, GDB, WinDdg, YARA, Windows Sysinternals, Kali, Linux and/or Wireshark
• Expert level programming knowledge/experience with either Windows Kernel, C, C++, Python and/or Assembly Language and the ability to work in a team environment using modern version control systems
• DoD 8570 compliance
• Advanced/Expert level experience in hardware configuration and network/data communications and protocols
• Advanced/Expert level experience in software development and scripting
• Advanced/Expert level experience conducting intelligence analysis and writing finished intelligence reporting
• Experience requiring a thorough understanding of compiler specifics, operation system concepts, security models and causes of most vulnerabilities and how to exploit them. Preferably experience coding and disassembling software on both Windows and Linux or other BSD and Unix variants
• Advanced/Expert experience and knowledge of the types and techniques of cyber exploitation and attack, including virus, worm, trojan horse, logic bomb, and sniffer to identify, quantify, prioritize, and report vulnerabilities in various architectures, networks, communications, applications, and systems
• Experience establishing defense mechanisms to detect and deflect cyber attacks on networks and communications systems and structures and designing and evaluating applications that are secure from known and potential methods of cyber attack
• Experience coordinating systems implementation activities with key personnel to ensure the successful transition from development to implementation and operation present and defend a position and to communicate with government and contractor team members
• Experience with virtualization, driver programming and debugging
• Experience with ethical hacking and/or testing software vulnerabilities

Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others.

Suggested Qualifications: 18-22 years of professional experience without a degree; or 10-14 years of professional experience with a Bachelors degree from an accredited college in a related discipline, or equivalent experience/combined education; or 8-12 years of professional experience with a related Masters degree; or 4 years of professional experience required with a related PhD or JD; Considered an emerging authority / authority in discipline. Consideration should always be given for the level of specific domain expertise.

Desired:

Desired Skills:
• Advanced/Expert experience with diagnosing and debugging software systems
• Contractor may have experience with computer forensic software packages such as EnCase, FTK, or Sleuth Kit / Autopsy

Company Description:

Founded in 2010, EnDepth Solutions sets the standard for Cyber Security services and innovation within the DoD and Intelligence Community. EnDepth's core competencies are Security Engineering, Certification & Accreditation, and System Security Testing.

Our professional staff bring high-level technology skills and industry knowledge and work closely with clients to design and implement a security solution closely tied to enterprise objectives. EnDepth Solutions is a Service Disabled Veteran Owned Small Business (SDVOSB) with numerous prime and sub contracts with customers in the Intelligence Community.

Benefits Summary:

We are proud to offer our employees a selection of high-quality benefits, including:

• Competitive Salaries
• Health Insurance – a choice of Gold level plans from United Healthcare
• Employer-funded Health Savings Account (HSA)
• Dental, Vision & Life Insurance
• Short-term and Long Term Disability plans – 100% Employer paid
• Safe-Harbor 401(k) Retirement Savings Plan
• 10 Holidays and competitive Paid Time Off (PTO) and Comp Time
• Professional Development and Educational Reimbursement
• Employee Referral Bonus
• Company Sponsored Events

EnDepth Solutions is committed to a diverse workforce, as such, we will make all hiring decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. Due to security clearance requirements, U.S. Citizenship is required for most positions.