Sr Assoc, Security Research Engineer
Virginia; ; Dulles, VirginiaJob ID SAS20210803-57755
What makes a successful Business and Operations team member at L3Harris?
Check out the traits we’re looking for and see if you have the right mix.
My favorite part of working for L3Harris is knowing that the parts that I procure go into products that help save lives.Lizzie, Procurement Associate, Rochester, NY
L3Harris Work Perks
L3Harris is dedicated to recruiting and developing diverse, high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.
L3Harris Technologies is an agile global aerospace and defense technology innovator, delivering end-to-end solutions that meet customers’ mission-critical needs. The company provides advanced defense and commercial technologies across air, land, sea, space and cyber domains. L3Harris has approximately $18 billion in annual revenue and 48,000 employees, with customers in more than 100 countries.
Job Title: Sr. Assoc. Security Research Engineer
Job Code: SAS20210803-57755
Job Location:Dulles, VA ( or Remote)
L3Harris is currently seeking a security researcher to join our team. This individual will perform reverse engineering tasks associated with vulnerability detection and manipulation of targeted systems. The work will be performed in the Dulles, VA area. This position requires 10% travel to classified sites and is largely a remote/work-from-home opportunity. This is an extremely exciting position working with National Security customers to protect and defend our nation. Don’t join a job, join a mission. L3Harris Technologies is seeking the best of the best to lead our Security Vulnerability and RE efforts for our customers.
Experience or familiarity with many of the areas below:
- Architectures: AARCH32, AARCH 64, MIPS, x86/x64
- Platforms: Android, iOS, Linux, RTOSs (e.g. QSEck, QuRT, ThreadX)
- Protocols: Cellular Protocols, 802.11, Bluetooth/BTLE, Network Protocols (e.g. HTTP/S, IP, RTP, SSL/TLS, TCP, UDP)
- Privilege Levels: LPE, RCE, Usermode/Kernelmode
- Reverse Engineering Tools: ApkTool, Binary Ninja, BinDiff, Binwalk, Dex2Jar, GDB, Ghidra, JTAG, Hex-rays IDA
- Experience with Fuzzing or Emulation tools (e.g. AFL, AFL++, AFLSmart, QEMU, Unicorn)
- Development Applications (e.g. Eclipse, Clang/LLVM, CMake, CCS)
- Security protection methods and techniques (e.g. DEP, ASLR, etc)
- Working knowledge of Application Binary Interfaces such as calling conventions, system calls, alignments, processor instruction sets, and object files
- Knowledge of vulnerability scans and methods of recognizing vulnerabilities systems.
- Knowledge of cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
- Ability to apply programming language structures (e.g., source code review) and logic
- Self-starter/motivated – ability to work through complex problems individually or with little direction
- Remote work supported
- Bachelor’s degree in a relevant field (i.e. Computer Science, Electronics Engineering, or related field) with a minimum of 2 years of prior relevant work experience; or
- Associate Degree in a relevant field (i.e. Computer Science, Electronics Engineering, or related field) with a minimum of 6 years of prior related experience; or
- Graduate Degree or equivalent with 0 to 2 years of prior related experience.
- Industry specific experience:
- Vulnerability Research Experience: 2yrs+
- Reverse Engineering Experience: 2yrs+
- C/C++ Experience: 2yrs+
Preferred Additional Skills:
- RF/Software Defined Radio: BladeRF, HackRF, RTL, Ubertooth, USRP
- Excellent spoken and written communication skills capable of explaining complex and diverse technical details to higher and lower levels, including their "so-what" impact to customer/business
- Proficiency with IDA, Ghidra, Binary Ninja, and/or radare
- Proficiency with debuggers such as GDB, LLDB, WinDBG, or OllyDbg
- Experience with RISC architectures
- Experience with prevalent radio communication protocols
- Experience with operating system internals including solid knowledge of information security, computer architecture, software and hardware protection schemes, and virtualization theory
- Experience with userland and kernel mode debugging, including debugging in embedded environments
- Experience writing custom IDA loaders, processor modules, IDA python, and Hex-Rays de-compiler plugins
- Knowledge of fault injection frameworks, fuzzing and virtualization
- Experience working as a Technical Lead is a plus
- Prior Offensive Cyber experience in the USG/Military
- GIAC/ISC2/CEH Certifications
- SECRET Clearance or higher is preferred
Please be aware many of our positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.
By submitting your résumé for this position, you understand and agree that L3Harris Technologies may share your résumé, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions.
L3Harris Technologies is proud to be an Affirmative Action/Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law.