Malware Reverse Engineer Researcher

2 weeks ago


Washington, DC, United States Software Engineering Institute Full time

The Software Engineering Institute (SEI) is at the forefront of enhancing software engineering principles and practices, serving as a national resource in software engineering, computer security, and process improvement. We collaborate with defense and government organizations, industry, and academia to advance software-intensive systems. Our mission is to empower organizations to develop or acquire the right software, defect-free, within budget and on time, consistently.

The CERT Division of the SEI is looking for a highly motivated Reverse Engineer Researcher to join our Threat Analysis directorate. SEI operates as a federally funded research and development center affiliated with Carnegie Mellon University.

Key Responsibilities

As a Reverse Engineer Researcher, you will:

  • Analyze and reverse engineer malicious code to support high-impact clients.
  • Innovate and develop new analysis methods and tools.
  • Identify and address emerging complex threats in the cybersecurity landscape.
  • Document your findings comprehensively in reports and presentations.
  • Investigate the integration of artificial intelligence in reverse engineering efforts.
  • Share your expertise with the broader security community through collaborations and publications.

Qualifications

You are an ideal candidate if you possess:

  • A BS in Computer Science or a related field with eight years of experience, an MS with five years, or a PhD with two years of experience.
  • A passion for tackling complex malware analysis and reverse engineering challenges.
  • An analytical mindset and a keen desire to understand software intricacies.
  • The ability to balance rapid prototyping with sustainable tool development.
  • Strong technical writing skills.
  • Experience handling sensitive information confidentially.
  • The capability to manage shifting priorities effectively.
  • A commitment to mentoring, training others, and sharing knowledge.
  • Effective communication skills tailored to both technical and non-technical audiences.
  • A willingness to travel periodically for the SEI's mission, including to sponsor sites, conferences, and offsite meetings (approximately 15% travel).

Candidates must undergo a background check and obtain and maintain an active Department of Defense security clearance.

Skills/Experience Required

Demonstrated experience and knowledge in:

  • Reverse engineering software binaries across various architectures at both user and kernel levels.
  • Utilizing static analysis tools (e.g., IDA Pro, NSA Ghidra, Binary Ninja).
  • Employing user-level and kernel-level debuggers (e.g., x32dbg, x64dbg, gdb, WinDbg).
  • Proficiency in native programming languages (e.g., C/C++) and high-level programming languages (e.g., Java, Python, GoLang).
  • Understanding software engineering and design principles.
  • Firmware and device driver development.
  • Knowledge of malware tradecraft and threat actor tactics, techniques, and procedures (TTPs).
  • Creating malware signatures independent of detection technologies.
  • Understanding operating system concepts and binary file formats (e.g., PE, ELF, Mach-O).
  • Using internet protocols and network analysis tools (e.g., Wireshark, netcat).
  • Compiler theory, cryptography, and malware deobfuscation techniques.
  • Mobile device development and reverse engineering practices.
  • Utilizing malware sandboxes or instrumentation frameworks (e.g., Frida, QEMU, Unicorn Engine).
  • A foundational understanding of artificial intelligence and machine learning applications in reverse engineering and malware analysis.

Why Join Us?

Become part of a world-class organization making a significant impact on software and cybersecurity:

  • Work with cutting-edge technologies and experts to solve challenging government and national issues.
  • Receive an 8% monthly retirement contribution with no personal contribution required.
  • Access tuition benefits for you and your dependents at CMU and other institutions.
  • Experience a healthy work/life balance with flexible work options and paid parental/military leave.
  • Leverage university resources including mindfulness programs, childcare support, and transit benefits.
  • Engage in annual professional development opportunities, including conferences, training, and membership reimbursement.
  • Possibility for relocation assistance and more.

Location: Arlington, VA, Pittsburgh, PA

Position Type: Full-time

Pay Basis: Salary


