We understand that the price of unparalleled success is learning from our failures. That’s why we turn away work that isn’t hard, engaging, and meaningful. If you aren’t struggling to succeed, you aren’t pushing hard enough. This type of work can be draining, exhausting, and demoralizing. So, we take our breaks seriously too. Surfboards, nerf guns, and wicked program artwork cover our walls. Smash Bros, DND, and tabletop games fill our free time. We have created a relaxed work environment with an unmatched rate of mission success.
Our team covers the full life cycle of Vulnerability Research from reverse engineering and emulation, through vulnerability discovery, to productization and effects generation. Our team also covers a wide range of targets, anything from major consumer electronics to custom proprietary one off systems. If it runs code, we have either already looked at it or will soon.
Key areas of focus include:
* Reverse Engineering
* Vulnerability Discover
* Static Analysis
* Fuzzer Development
* Mobile/Embedded development
* Win32/Linux Kernel development
* Working with iOS, Android, Windows, Linux, or macOS
* Exploit mitigation techniques
* Constraint solving
* Taint Analysis
* Network communication protocols
If you want to create non-traditional methods of acquiring access to computer based systems AND get paid, this is the place for you.
Information security continues to be a growth industry and we are constantly looking to find the right candidates who can do this challenging work.
Familiarity with at least one common low-level architecture (x86, ARM, etc) is important, as is the ability to conduct vulnerability research against applications compiled for that architecture. Experience with software protection and binary armoring is a plus, and familiarity with modern exploit mitigation techniques and counter-measures is a must.
Development experience is desired, but at least some scripting experience is required. Whether in python, ruby, or some other language, you should be capable of quickly developing the tools needed to help you succeed in your reverse engineering and vulnerability research efforts. The strongest candidates will have a variety of low-level operating systems experience as well as cross-platform vulnerability research. If you've written everything from a kernel paged pool exploit to a simple userland stack-based buffer overflow, built your own dynamic instrumentation and integrated a solver to help you identify and reach code, or modified emulators and JIT engines to add your own instrumentation to help you identify entire classes of vulnerabilities, you'll be right at home.
Candidates must be able to play both sides of the fence, both defeating and developing new and advanced security techniques. Projects will be undertaken in small teams with close coordination with customers to quickly enhance capabilities or resolve issues in existing tools.
As the majority of our customers are government agencies, all candidates must meet the minimum qualifications for access to classified information. U.S. citizenship is required. All candidates must be able to obtain and maintain a government security clearance.
Working as part of a team you will also need to be familiar with source management tools such as GIT and team coordinating tools like Atlassian suite of work products.
Degrees are not required for our positions, but they can be helpful. Certifications are neither helpful nor required.
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.