Bedford, Massachusetts, USA
7 days ago
Senior Embedded Software Vulnerability Researcher

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.

Department Summary:

MITRE’s Electronic Systems Security department is seeking to hire talented and creative software vulnerability researchers and reverse engineers with a focus on embedded systems. Our researchers tackle the most complex, challenging, and impactful embedded software security problems of our customers on projects of national significance. We conduct in-depth technical assessments on embedded software operation, research security vulnerabilities, develop exploit proofs-of-concept, and deliver technical capabilities to defend and enable our customers’ missions. Through our diverse customers and missions, our teams tackle a rich variety of embedded software types including bare metal firmware, real-time operating system firmware, the Linux kernel, and user-space binaries to name a few. Our successes have driven and continue to drive us to develop advanced tools that enable, accelerate, and scale our embedded software vulnerability research and reverse engineering analyses as well as bring differentiated value to our customers.

Qualified candidates will join a department with deep technical expertise across many embedded security disciplines including software vulnerability research and reverse engineering, hardware reverse engineering, secure computing, and implementation security. Together, this multi-disciplinary group performs hands-on research and analysis and develops proof-of-concept prototypes to demonstrate and advance the state-of-the-art in embedded security.

Roles & Responsibilities:

Engineers in this role will develop and apply their technical expertise to:

Reverse engineer and perform vulnerability research against complex embedded system softwarePrototype technical capabilities in hardware and software e.g., proof-of-concept software exploitGuide project teams and shape research strategies to realize and deliver solutions for our customersDefine and lead efforts to create software infrastructure and tools necessary to enable, accelerate, and scale reverse engineering, vulnerability research, and capability developmentResearch emerging threats to embedded systems and countermeasuresMentor junior engineers in reverse engineering, vulnerability research, and capability developmentCommunicate project strategy, risk, and results to MITRE program leaders and our customersCollaborate with academic partners to improve embedded security education at our nation’s universities and high schools

Basic Qualifications:

Bachelor’s degree in Electrical or Computer Engineering, Computer Science or similar field with 5 years of related experience; Master’s degree in the same with 3 years of related experience; or PhD in the sameMust be US citizen capable of obtaining and maintaining a Top Secret security clearanceExpertise in reverse engineering software binaries/embedded firmware and having practical experience with disassemblers, decompilers, firmware unpacking, common executable file formats, and debuggersExpertise reverse engineering for one or more embedded processor architectures, preferably ARMExpertise in modern binary exploitation techniques and countermeasures with practical experience in software vulnerability analysis and exploitation developmentExperience developing software with C/C++ and PythonExperience developing low-level software (e.g., embedded systems/microcontrollers, kernels, and/or device drivers)Effective oral and written communication skillsThis position requires a minimum of 50% hybrid on-site

Preferred Qualifications:

Bachelor’s degree in Electrical or Computer Engineering, Computer Science or similar field with 8 years of related experience; Master’s degree in the same with 6 years of related experience; or PhD in the same with 3 years of related experiencePossess an active Secret or Top Secret security clearanceExperience leading teams developing or evaluating secure embedded systemsExperience with one or more of the following technical areas:Fuzz testing software applications or embedded firmwareInstrumentation/debug of embedded software or firmwareFirmware rehosting and peripheral modelingSymbolic analysisLinux kernel, kernel derivers, or real-time operating systemsCommercial embedded and/or hardware security technologies such as ARM TrustZone, Trusted Platform Modules, Boot Guard, Secure Boot, etc.

This requisition requires the candidate to have a minimum of the following clearance(s):

None

This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Top Secret/SCI

Work Location Type:

Hybrid

MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster and Pay Transparency.

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org.

Copyright © 2024, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.

\nBenefits information may be found here
Confirm your E-mail: Send Email