Cyber System Exploitation Researcher
Discover the satisfaction of innovation and service to the nation
More than 700 patents have been granted for technologies developed by the Laboratory’s staff
The Cyber System Assessments Group provides the U.S. government with independent assessments of cyber systems and capabilities. These assessments are accomplished through the research and development of unique, cutting-edge technical capabilities for understanding, testing, assessing, and analyzing cyber technologies. In addition to the principal mission of planning, constructing, supporting, and executing testing and evaluation activities of cyber capabilities, the group also focuses on red-teaming to identify weaknesses in U.S. systems and characterization of adversary capabilities. The group achieves success through excellence and experience in core technical competencies, including the planning and execution of cyber evaluations, development of realistic, high-fidelity test environments to model the Internet and networks of interest, modeling of adversary capabilities, development of threat surrogates, low-level systems analysis for vulnerability discovery and malicious software analysis, low-observable system instrumentation and forensic analysis, and reverse engineering.
The selected candidate will join a team of experts developing tools and techniques for software or hardware cyber security or cyber capability development, and software or hardware system reverse engineering and exploitation, anad will solve borad technical problems, develop new ideas and approaches as well as execute programs. We define system exploitation as gaining and maintaining unauthorized control over a system. Principal areas of research include cyber tool development and system analysis of offensive or defensive cyber tools and systems, automated vulnerability discovery, reverse engineering, software protection mechanisms, static analysis and dynamic instrumentation. The selectee will effectively communicate their research to non-domain experts through writing, public speaking, and hands-on training sessions and mentor other team members..
PhD in Computer Science, Computer Engineering or related discipline. In lieu of a PhD, an MS and 3+ years or BS and 6+ years of directly related experience with demonstrated domain expertise will be considered. Proficiency programming a high level language, such as Java, as well as one or more scripting languages, such as Python, and a systems programming language, such as C is required. Understanding of an instruction set architecture (such as x86), operating systems, or virtualization.
Experience with any one or more of the following is desired:
- Operating system internals
- Driver development
- Network protocols
- Computer security
- Vulnerability assessment
- Measurement and metrics
- Debugging using WinDbg or similar tools,
- Static analysis using IDAPro or similar tools
- SAT/SMT solvers
- Symbolic execution
- Dataflow analysis for compiled binaries
- Binary intermediate representations
- Binary translation
- Vulnerability discovery and analysis
- Virtualization implementation or instrumentation techniques
- Compiler construction
- Embedded systems firmware reverse engineering
- Anti-debugging or anti-instrumentation techniques and countermeasures and detection thereof
All employees are required to obtain and maintain a security clearance; therefore, we must require U.S. citizenship for all employees.
MIT Lincoln Laboratory
Working at Lincoln Laboratory
Since its inception, our people have envisioned incredible technology and projects that start out as vital to national security and often become vital to the everyday technology of the future.
If you’d like to contribute to U.S. national security in an environment of extraordinary innovation – then explore a career at MIT Lincoln Laboratory.
Company Type: Educational
Company Size: 1,001-5000