CNO Vulnerabilities Researcher / Reverse Engineer VR/RE

Job ID: 674928BR Date posted: Sep. 06, 2024 Program: CYBER2
Description:This position may be eligible for a $25K sign on bonus for external hires!


What We’re Doing:
Lockheed Martin, Cyber & Intelligence invites you to step up to one of today’s most daunting challenges: the use of advanced electronics to undermine our way of life. As a cyber security professional at Lockheed Martin, you’ll protect the networks that our citizens and the world depend upon each minute: Financial assets. Healthcare information. Critical infrastructure. Hazardous materials. The uninterrupted flow of energy that keeps modern life moving. Here, you’ll work with cybersecurity experts on the forefront of threat protection and proactive prevention. In this fast-paced, real-world environment, you’ll draw on all your education and experience as well as the resources of Lockheed Martin to keep the threats at bay.

Cyber | Lockheed Martin

Who we are:
Lockheed Martin's Rotary and Mission Systems (RMS) business area excels in developing advanced technology and solutions, with a dedicated Cyber and Intel team in Maryland specializing in cybersecurity, intelligence, and surveillance. This elite team combines deep domain expertise, innovative thinking, and state-of-the-art capabilities to defend and attack sophisticated cyber scenarios, while delivering actionable intelligence for mission success. By fostering a culture of collaboration, continuous learning, and customer-centricity, the Lockheed Martin RMS Cyber and Intel team in Maryland empowers its clients to stay ahead in an ever-evolving security landscape, ensuring mission resilience and operational excellence.

Why Join Us:
Your Health, Your Wealth, Your Life
Our flexible schedules, competitive pay and comprehensive benefits enable you to live a healthy, fulfilling life at and outside of work.
Learn more about Lockheed Martin’s competitive and comprehensive benefits package.

We support our employees, so they can support our mission.

The Work:
As a Vulnerabilities Researcher for Offensive Cyber Operations, your one of a kind mind will jump in to intricacies of systems in order to learn and know the functionality and how it behaves / triggers during breaches. In that sense, you've got to be adept at both creating and undermining novel security techniques, tactics and tools and be able to switch directions quickly (and easily). Projects and efforts like this are usually within small teams and close collaboration with clients. While coding is critical to the job, a large part of your daily role will be dissecting systems instead of building something new. Likely you'll be using Python to scrutinize C++ code.

You'll also need:
Software Development background
Experience with both sides of offense and defense
Interest in Offensive Cyber and/or hacking demonstrated through experience, certifications, or personal projects.
A lot of gumption

This position is participating in our External Referral Program. If you know somebody who may be a fit, click here to submit a referral. If your referral is hired, you'll receive a $3000 payment! code-extrefer

#RMSC6ISR
#RMSCYTJ
Basic Qualifications:
- Current DoD Top Secret SCI with Polygraph is required.
- Experience with C or C++ or Objective C
- Experience performing low-level development (ex: C and/or assembly) for any major operating system.
- Assembly Language Experience (x86, x64, ARM, MIPS, PowerPC, etc.)
- Experience with reverse engineering tools and debuggers (IDAPro, Ghidra, Binary Ninja, etc).
- 12+ years experience overall
- Strong communication skills specifically working with technical audiences (verbal and written), especially with your recruiter.
Desired Skills:
Experience in any of the areas below:
- Scripting language experience. (Python, Ruby, etc.)
- Demonstrated understanding of common IP network principles. (IP addressing, subnetting, routing, NAT, VLANs, etc.)
- Experience with virtualization and emulation tools.(VMware, KVM, QEMU, etc.)
- Demonstrated knowledge of internals for any major operating system including Windows, Linux, MacOS, Android, iOS, and any real-time operating system.
- Experience developing proof-of-concept exploits to include CVEs.
- Experience firmware dumping (SPI flash, JTAG, SWD, UART, etc.)
- Demonstrated understanding of basic cryptography and current cryptographic protocols.
- Experience in any of the following developer tools:
• Project Collaboration Tools (Atlassian Jira, Confluence, etc.)
• Development build tools (GNU Make, cross-compilers, etc.)
• Software configuration management (Git, Subversion, etc.)
• Automated test and CI/CD systems (Atlassian Bamboo, Jenkins, etc.)
• Virtualized environments (VMware, Hyper-V, KVM, etc.)

Experience in Multiple Security Tools and Techniques:
• Reverse engineering tools (IDAPro, Ghidra, Binary Ninja, etc.)
• Dynamic analysis tools and emulation (gdb, QEMU, etc.)
• Protocol analysis tools (Wireshark, etc.)
• RF test equipment (SDRs, spectrum analyzers, etc.)
• Electronics test equipment (ex: oscilloscopes, logic/bus analyzers, JTAG, traffic generators, etc.)
• Glitching (Clock, Power, Thermal, etc.)

Experience with one or more communications and network protocols such as:
• Data exchange formats (JSON, XML, etc.)
• Data transfer protocols (FTP, TFTP, HTTP(S), MQTT, WebSocket, etc.)
• Network service protocols (DHCP, DNS, SNMP, etc.)
• Wireless technologies (Wi-Fi, Bluetooth, cellular networking, ZigBee, LoRaWAN, etc.)
• Tunneling protocols (IPsec, OpenVPN, tor, etc.)
• Media protocols (SIP, VoIP, HTML5 audio/video, etc.)
Clearance Level: TS/SCI w/Poly SP
Other Important Information You Should Know
Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings.
Ability to Work Remotely: Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility.
Work Schedules: Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits.
Schedule for this Position: 9x80 every other Friday off
Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration.
At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work.

With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility.

If this sounds like a culture you connect with, you’re invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs, and apply for roles that align with your qualifications.
Experience Level: Experienced Professional
Business Unit: RMS
Relocation Available: Possible
Career Area: Cyber Security
Type: Task Order/IDIQ
Shift: First