What We Do: The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.
Position Summary: The CERT Division of the Software Engineering Institute (SEI) is seeking an applicant for the role of Reverse Engineer for the Threat Analysis directorate. The SEI is a federally funded research and development center at Carnegie Mellon University. The work of the Threat Analysis directorate includes:
Developing state of the art approaches for analyzing executable code.
Applying these approaches to understanding systemic vulnerabilities in software systems and how attackers adapt their tradecraft to exploit those vulnerabilities.
Studying and influencing the software security and vulnerability disclosure ecosystems.
BS in Computer science, Software Engineering, information systems, or a related technical field with eight (8) years of experience; MS in computer science or technical/engineering field with five (5) years of experience or equivalent combination of training and experience; PhD in computer science or technical/engineering field with two (2) years of experience; or equivalent combination of training and experience.
Requires travel to various domestic locations within the SEI and CMU community to include the SEI Pittsburgh office, sponsor sites, conferences, and offsite meetings with routine frequency (1-2 trips a month)
You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.
You have a deep interest in cybersecurity, intellectual curiosity and a desire to make an impact beyond your organization
You enjoy developing and communicating innovative ideas and thinking creatively to solve tough problems
You can work under stress and adapt to shifting priorities
You relate collaboratively and diplomatically with people inside and outside the organization
You can organize and plan complex projects
You can recognize and properly handle confidential and sensitive information
Skills and Abilities:
Understanding of Internet fundamentals including network protocols, provider operations and governance
Thorough knowledge of the C programming language
Thorough knowledge of x86 assembly language
Familiarity with assembly language of additional processor architectures (beyond x86)
Solid understanding of operating system concepts
Ability to apply knowledge of technology, systems architecture and security best practice to practical problems in enterprise security
Ability to advise on a range of security topics based on research and expert opinion
Ability to work independently with limited supervision, lead project teams and mentor peers
Ability to objectively compare, and evaluate alternative technical solutions, and communicate results
Facility communicating complex system designs, technical approaches and road maps to sponsors, project managers and technical staff
Ability to distill the implications of complex research results, and apply those results to government operations
Knowledge of USG networks, security operations, and policy and governance
Experience in reverse engineering binary software
Experience in C/C++ development
Experience using disassemblers and debuggers
Experience collaborating on industry and academic community projects
Ability to develop software in Python and other modern programming languages
Background in mathematics, statistical modeling or machine learning
Job Function Breakdown:
40% Work with colleagues on research studies and prototypes, and help assemble reports and briefings on various security topics related to the application of threat research to problems in malware analysis
40% Enable the transition and appropriate focus of Threat Analysis approaches and tools into operational environments
15% Contribute to conferences and meetings; participate in marketing/engagement calls and technical exchanges with clients; analyst technical exchanges, training sessions and public speaking engagements; participate on working groups for subjects of interest
5% Engage in professional development activities to maintain and grow expertise
100% total effort
Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world.
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.
About Software Engineering Institute
Pursue your passion and work alongside world-recognized leaders in the field of software engineering. Our staff works with the highest levels of U.S. government and industry to secure the nation's critical infrastructure, improve mission-critical systems, and advance the state of the art.
Interested in working with us? To browse employment opportunities and apply for a position at the SEI, see our list of open positions at http://www.sei.cmu.edu/careers/. You can also visit the Carnegie Mellon site to learn about benefits for eligible employees, search for open positions that match your interests, and create a Job Agent that will notify you by e-mail when jobs that meet your criteria become available.
Resumes from recruiting firms will not be accepted.
Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran