Senior Vulnerability Researcher - Military veterans preferred

Raytheon is a premier engineering company that provides technical solutions in software development and systems engineering that address security challenges. Raytheon hires industry-leading cyber professionals, and we treat them like industry-leading cyber professionals. We bring exceptional talent to an array of missions that includes computer network operations, vulnerabilities, characterization, information assurance, and emerging technologies to expand cybersecurity solutions. Raytheon engineers are developing advanced analytics helping transform analysis by making sense of the massive amounts of data that must be processed quickly to respond to evolving mission needs. Visit https://www.raytheon.com/cyber/ to learn more about how we protect every side of Cyber https://youtu.be/zx-EIijWuEE

Position Description:
Vulnerability Researchers at Raytheon CSI analyze systems to understand how they work and how they behave when they break. Candidates must be able to play both sides of the fence, both developing and defeating new and advanced security techniques. Projects will be undertaken in small teams with close coordination with customers. All of our engineers write code, but many of our engineers spend as much time taking systems apart as building new ones. A typical day may involve studying disassembly or writing python to audit a piece of C++ code.

Our Annapolis Junction office is in National Business Park, just outside Fort Meade, Maryland. Situated between Baltimore and Washington, DC, Annapolis Junction is surrounded on all sides by American history, breathtaking national parks, world-famous art and science museums, and a vibrant and welcoming cultural setting.

We take our work and our fun seriously. We are passionate about engineering, and we prove it by funding internal R&D concepts from early inception through product development and customer delivery. We believe the best ideas stand on their own merits, and we fund ideas from our most junior engineers to our most seasoned staff. We reward excellence early and often through monetary awards, raises, and promotions. We keep ourselves sharp through weekly engineer-driven technical talks, and we team up regularly to compete in CTFs. If you walk through our Maryland office, you might catch a couple of us taking a break for a round of table tennis, Smash Brothers, or bughouse. If you show up around 2 or 3, you can join us for tea time and specialty coffee pour-overs. On Mondays we have lunch brought in from one of the many great area restaurants, paid for by the company. Our office outings are crazy fun and typically include go-karting, axe-throwing, indoor skydiving, or camping.

Information security continues to be a growth industry. We are constantly looking to find the right candidates who can do this challenging work.

Required Skills:

• Experience with C or C++
• 8+ years of professional experience
• 4 or more of the "desired skills" below

Desired Skills:

• Understanding of OS Internals (any major OS)
• Experience reading or writing assembly (x86, x64, ARM, PPC, MIPS, SPARC, 68k, or others)
• Experience developing embedded systems
• Understanding of network protocols (TCP/IP stacks, wire-level protocols, RF communications, BGP, routing protocols, or others).
• Understanding of exploit mitigations such as DEP and ASLR
• Experience using reverse engineering tools such as IDA Pro, HexRays, or objdump
• Experience using debuggers such as gdb, WinDbg, OllyDbg
• Experience with modern C++ development, such as RAII, C++11 and C++14.

Security Clearance:
Qualified applicants will be subject to a security investigation and must meet minimum requirements for access to classified information. U.S. Citizenship and currently have a TS/SCI with a poly clearance.

Our Interviews:
Our interviews are technical. Come prepared to tell us about your technical background and interests as well as to work through some of our questions on a computer or whiteboard. We hope candidates find our questions to be thought provoking, but we don’t ask brain teasers or tricks. This is a chance to have a dialog with our team, and we hope you will enjoy it!





Key words: CSIALL, CSIVR, CNO, Computer Network Operations, Cyber, Exploitation, hacker, C programming, C++, kernel, device driver development, network programming, socket programming, embedded, python, Assembly, x86, x64, IDA Pro, Ollydbg, Reverse Engineer, vulnerability researcher, security researcher, embedded systems development, assembly language, gdb, debugging, HexRays, C, reverse engineering, software analysis, Driver Development, Emulator, Emulation, DEP, ASLR, buffer overflow, vulnerability, Debugger, disassembler, Objdump, Gdb, WindDbg, OllyDbg, Python, TCP/IP, BGP, Routing, Unix Internals, Linux Internals, Windows Internals, Solaris Internals, OS Internals, ARM, MIPS, PPC, Heap, Stack, Malware, linker, loader

139617

Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.